DEMYSTIFYING REACHABILITY
IN VECTOR ADDITION SYSTEMS

JEROME LEROUX AND SYLVAIN SCHMITZ 


Abstract. More than 30 years after their inception, the decidability 
proofs for reachability in vector addition systems (VAS) still retain much 
of their mystery. These proofs rely crucially on a decomposition of runs 
successively refined by Mayr, Kosaraju, and Lambert, which appears 
rather magical, and for which no complexity upper bound is known. 

We first offer a justification for this decomposition technique, by
showing that it computes the ideal decomposition of the set of runs,
using the natural embedding relation between runs as well quasi
ordering. In a second part, we apply recent results on the complexity
of termination thanks to well quasi orders and well orders to obtain a
cubic Ackermann upper bound for the decomposition algorithms, thus
providing the first known upper bounds for general VAS reachability.

Keywords. Vector addition system, reachability, well quasi order,
ideal, fast-growing complexity


1. Introduction 


Vector addition systems (VAS), or equivalently Petri nets, find a wide range
of applications in the modelling of concurrent, chemical, biological, or
business processes. Their algorithmics, and in particular the decidability of
their reachability problem, is a central component to many decidability
results spanning from the verification of asynchronous programs to the
decidability of data logics. Considered as one of the great achievements of
theoretical computer science, the original 1981 decidability proof of Mayr
is the culmination of more than a decade of research into the topic, and
builds notably on an incomplete proof by Sacerdote and Tenney [38]. The
proof was simplified a year later by Kosaraju [23]; see also the account by
Muller [35] and the self-contained and detailed monograph of Reutenauer on
this second proof. In spite of this success, as put by Lambert [26], “the
complexity of the two proofs (especially in [31]) wrapped the result in
mystery and no use of their original ideas” was made before he provided a
further simplification ten years later in 1992 and employed it to prove
results on VAS languages.

At the heart of the various proofs lies a decomposition technique, which
we dub the Kosaraju-Lambert-Mayr-Sacerdote-Tenney (KLMST) decomposition
in this article after its inventors. In a nutshell, the KLMST decomposition
defines both a structure and a condition for this structure to represent
in some way the set of all runs witnessing reachability. The algorithms
advanced by Mayr, Kosaraju, and Lambert compute this decomposition by
successive refinements of the structure until the condition is fulfilled. The
KLMST decomposition is a powerful tool when reasoning about VAS runs,
and it has notably been employed

• by Habermehl, Meyer, and Wimmel to show that the downward-closure
of a labelled VAS language is effectively computable—let us
mention a new proof by Zetzsche [33], which does not explicitly rely
on the KLMST decomposition—, and

• by Leroux [29] to derive a new algorithm for reachability based on
Presburger inductive invariants—he would later re-prove the correction
of this new algorithm without referring to the KLMST decomposition,
yielding a compact self-contained decidability proof for VAS
reachability.

Our feeling however is that the decidability of VAS reachability, and
especially the KLMST decomposition, is still shrouded in mystery. The result
is highly complex on two accounts:


On a conceptual level the various instances of the KLMST decomposition
seem rather magical. How did Mayr come up with regular constraint graphs
with a consistent marking? How did Kosaraju come up with generalised
VASS and his θ condition? How did Lambert come up with his perfect
condition on marked graph-transition sequences? Most importantly, which
guidelines to follow in order to develop similar concepts for VAS extensions
where the decidability of reachability is still open, e.g. for unordered data
Petri nets [28], pushdown VASS [27], or branching VAS [39]?

Arguably, the issue here is not to understand how these structures and 
conditions are used in the algorithms themselves, nor to check that they 
indeed yield the decidability of VAS reachability. Rather, the issue is to 
explain how these structures and conditions can be derived in a principled 
manner. 


On a computational complexity level no complexity upper bound is known
for the general VAS reachability problem, while the best known lower bound
is EXPSPACE-hardness [32]. The only known tight bounds pertain to the
very specific case of 2-dimensional VAS with states, which were recently
shown to have a PSPACE-complete reachability problem [3].

As observed e.g. by Muller [35], the algorithms computing the KLMST
decomposition are not primitive-recursive, but no one has been able to derive
a complexity upper bound for these algorithms, while the new algorithm of
Leroux [29, 30] using Presburger inductive invariants seems even harder to
analyse from a complexity viewpoint.


Our contributions in this paper are first to propose an explanation for
the KLMST decomposition. Using a well quasi ordering of VAS runs defined
by Jancar [20] and Leroux [30] and recalled in Section 5, we show a
Decomposition Theorem (Theorem 8.1): the KLMST algorithm computes an
ideal decomposition of the set of runs, i.e. a decomposition into irreducible
downward-closed sets (see Section 8). The effective representation of those
ideals through finite structures turns out to match exactly the structures
and conditions expressed by Lambert [26], see Sections 6 and 7. This
provides a full formal framework in which the reachability problem in various
VAS extensions might be cast, offering some hope to see progress on those
open issues.

The second contribution in Section 9 is the proof of a “cubic Ackermann”
complexity upper bound on the complexity of the KLMST decomposition
algorithm, i.e., an $F_{\omega^3}$ upper bound in the fast-growing complexity
hierarchy $(F_\alpha)_\alpha$. We apply to this end the recent results on
bounding the length of controlled bad sequences over well quasi orders. It
yields the first known upper bound on VAS reachability. As a byproduct, it
also yields the first complexity upper bound for numerous problems known
decidable thanks to a reduction to VAS reachability.

We start in Sections 2 to 4 by presenting the necessary background
on VAS, well quasi orders, and ideals.


2. Vector Addition Systems 

Vectors and sets of vectors in $\mathbb{Z}^d$ for some natural $d$ are denoted
in bold face. A periodic set is a subset $P$ of $\mathbb{Z}^d$ that contains
the zero vector $0 = (0, \dots, 0)$ and such that $p + q \in P$ for all
$p, q \in P$.

A vector addition system of dimension $d$ in $\mathbb{N}$ is a finite set $A$
of actions $a$ in $\mathbb{Z}^d$ [23]. The operational semantics of VASs
operates on configurations, which are vectors $c$ in $\mathbb{N}^d$. A
transition is then a triple $(u, a, v) \in \mathbb{N}^d \times A \times \mathbb{N}^d$
such that $v = u + a$, where addition operates componentwise; the set of
transitions of $A$ is denoted by $\mathrm{Trans}_A$.

A prerun over $A$ is a triple $\rho = (u, w, v)$ where $u$ and $v$ are two
configurations in $\mathbb{N}^d$ and $w$ is a sequence of triples
$(u_1, a_1, v_1) \cdots (u_k, a_k, v_k)$ in
$(\mathbb{N}^d \times A \times \mathbb{N}^d)^*$. The configurations $u$ and
$v$ are called respectively the source and target of $\rho$, and are denoted
respectively by $\mathrm{src}(\rho)$ and $\mathrm{tgt}(\rho)$. The action
sequence $\sigma = a_1 \cdots a_k$ is called the label of $\rho$. We write
$\mathrm{PreRuns}_A$ for the set of preruns over $A$.

A prerun $(u, w, v)$ is connected if
$w = (u_1, a_1, v_1) \cdots (u_k, a_k, v_k)$ is a transition sequence in
$\mathrm{Trans}_A^*$ such that

• either $w = \varepsilon$ is the empty sequence and then $u = v$,

• or $k > 0$ and $u = u_1$, $v = v_k$, and $u_{j+1} = v_j$ for all $0 < j < k$.

We call a connected prerun $\rho$ a run. If there exists a run $\rho$ from
source $u$ to target $v$ labelled by $\sigma$, we denote by
$u \xrightarrow{\sigma} v$ this unique run $\rho$. Notice that it implies
$v = u + \sum_{j=1}^{k} a_j$; note however that given $u$, $v$, and $\sigma$,
$v = u + \sum_{j=1}^{k} a_j$ does not necessarily imply that
$u \xrightarrow{\sigma} v$.

We are interested in this paper in the following decision problem:

Problem: VAS Reachability.

input: A VAS $A$, a source configuration $x$, and a target configuration $y$.

question: $\exists \sigma \in A^*.\ x \xrightarrow{\sigma} y$?
Figure 1. A run from $x = (0,2)$ to $y = (1,0)$ labelled by
$(1,1)^4 (-1,-2)^3$.


Given two configurations $x$ and $y$ in $\mathbb{N}^d$, we define the set of
runs of $A$ from $x$ to $y$ as

\[ \mathrm{Runs}_A(x, y) \stackrel{\text{def}}{=} \{ x \xrightarrow{\sigma} y \mid \sigma \in A^* \} . \tag{1} \]

The VAS reachability problem can then be recast as asking whether the set
$\mathrm{Runs}_A(x, y)$ is non empty.
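
The difference between the equation $v = u + \sum_j a_j$ and the existence of a run can be checked mechanically on the VAS of Figure 1. The following Python sketch is an added example, not code from the paper; the function names `replay` and `find_run` are this example's own, and `find_run` is only a length-bounded search, not a decision procedure for reachability.

```python
from collections import deque

def add(u, a):
    """Componentwise addition of a configuration and an action."""
    return tuple(x + y for x, y in zip(u, a))

def replay(source, label):
    """Return the configurations visited by the run from `source` labelled
    by `label`, or None when some intermediate vector leaves N^d (the
    prerun is then not connected inside N^d, so there is no run)."""
    configs = [source]
    for a in label:
        nxt = add(configs[-1], a)
        if min(nxt) < 0:
            return None
        configs.append(nxt)
    return configs

def find_run(actions, source, target, max_len):
    """Breadth-first search for a shortest label of length <= max_len such
    that source --label--> target. Returns the label or None."""
    parent = {source: None}            # configuration -> (previous, action)
    queue = deque([(source, 0)])
    while queue:
        conf, depth = queue.popleft()
        if conf == target:
            label = []
            while parent[conf] is not None:
                conf, a = parent[conf]
                label.append(a)
            return label[::-1]
        if depth == max_len:
            continue
        for a in actions:
            nxt = add(conf, a)
            if min(nxt) >= 0 and nxt not in parent:
                parent[nxt] = (conf, a)
                queue.append((nxt, depth + 1))
    return None

# The VAS, source and target of Figure 1.
A = [(1, 1), (-1, -2)]
X, Y = (0, 2), (1, 0)

if __name__ == "__main__":
    good = [(1, 1)] * 4 + [(-1, -2)] * 3   # label of Figure 1
    bad = [(-1, -2)] * 3 + [(1, 1)] * 4    # same sum, different order
    print(replay(X, good))                 # a run ending in (1, 0)
    print(replay(X, bad))                  # None: (0,2) + (-1,-2) is not in N^2
    print(find_run(A, X, Y, max_len=7))
```

Both labels sum to $(1,-2)$, yet only the first one is the label of a run from $x$ to $y$.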

3. Well Quasi Orders 

A quasi-order (qo) is a pair $(X, \le)$ where $X$ is a set and $\le$ is a
reflexive and transitive binary relation over $X$. We write $x < y$ if
$x \le y$ but $y \not\le x$. Given a set $S \subseteq X$, we define its
upward-closure
$\uparrow S \stackrel{\text{def}}{=} \{x \in X \mid \exists s \in S.\ s \le x\}$
and downward-closure
$\downarrow S \stackrel{\text{def}}{=} \{x \in X \mid \exists s \in S.\ x \le s\}$.
When $S = \{s\}$ is a singleton, we write more succinctly $\uparrow s$ and
$\downarrow s$. An upward-closed set $U \subseteq X$ is such that
$U = \uparrow U$ and a downward-closed set $D \subseteq X$ such that
$D = \downarrow D$. Observe that upward- and downward-closed sets are closed
under arbitrary union and intersection, and that the complement over $X$ of an
upward-closed set is downward-closed and vice versa.

3.1. Characterisations. A finite or infinite sequence $x_0, x_1, x_2, \dots$
of elements of a qo $(X, \le)$ is good if there exist two indices $i < j$ such
that $x_i \le x_j$, and bad otherwise. A well quasi order (wqo) is a qo with
the additional property that all its bad sequences are finite.

Example 3.1 (Finite sets). As an example, a set $X$ ordered by equality is a
wqo if and only if it is finite: if finite, by the pigeonhole principle its bad
sequences have length at most $|X|$; if infinite, any enumeration of infinitely
many distinct elements yields an infinite bad sequence. □

There are many equivalent characterisations of wqos [25, T2]. For
instance, $(X, \le)$ is a wqo if and only if it is well-founded, i.e. there
are no infinite descending sequences $x_0 > x_1 > \cdots$ of elements from $X$,
and it has the finite antichain (FAC) property, i.e. any set of mutually
incomparable elements from $X$ is finite.

Example 3.2 (Well orders). Any well-founded linear order, i.e. where $\le$ is
furthermore antisymmetric and total, is a wqo: in that case, antichains have
cardinal at most one. Examples include $(\mathbb{N}, \le)$ the set of natural
numbers, i.e. the ordinal $\omega$. □
We will also be interested in the following characterisation:

Fact 3.3 (Descending Chain Property). A qo $(X, \le)$ is a wqo if and only
if any non-ascending chain
$D_0 \supseteq D_1 \supseteq D_2 \supseteq \cdots$ of downward-closed
subsets of $X$ eventually stabilises, i.e. there exists a finite rank $k$ such
that $\bigcap_{i \in \mathbb{N}} D_i = D_k$.

Proof. For the direct implication, assume that there exists a non-ascending
chain that does not stabilise, i.e. there exists an infinite descending
sub-chain $D_{i_0} \supsetneq D_{i_1} \supsetneq D_{i_2} \supsetneq \cdots$.
This means that there exists an infinite sequence of elements
$x_{i_j} \in D_{i_j} \setminus D_{i_{j+1}}$. Note that, if $j < k$, then
$x_{i_j}$ is in $D_{i_j} \setminus D_{i_k}$, hence
$x_{i_j} \not\le x_{i_k}$, and therefore $(X, \le)$ is not a wqo.

Conversely, consider any infinite sequence $x_0, x_1, \dots$ of elements of
$X$. Let then $U_i = \bigcup_{j \le i} \uparrow x_j$ and
$D_i = X \setminus U_i$. Observe that if the non-ascending chain of $D_i$'s
stabilises at some rank $k$, then
$U_k = U_{k+1} = U_k \cup \uparrow x_{k+1}$, hence there exists $i \le k$
such that $x_i \le x_{k+1}$, showing that $(X, \le)$ is a wqo. □

Another consequence of the definition of wqos is:

Fact 3.4 (Finite Basis Property). Let $(X, \le)$ be a wqo. If
$U \subseteq X$ is upward-closed, then there exists a finite basis
$B \subseteq U$ such that $\uparrow B = U$.

3.2. Elementary Operations. Many constructions are known to yield
new wqos from existing ones. In this paper we will employ the following
elementary operations:

3.2.1. Cartesian Products. If $(X, \le_X)$ and $(Y, \le_Y)$ are wqos, then
their Cartesian product $X \times Y$ is well quasi ordered by the product
(quasi-)ordering defined by $(x, y) \le (x', y')$ if and only if
$x \le_X x'$ and $y \le_Y y'$. For instance, vectors in $\mathbb{N}^d$ along
with the product ordering form a wqo. This result is also known as Dickson’s
Lemma.

3.2.2. Finite Sequences. If $(X, \le_X)$ is a wqo, then the set $X^*$ of
finite sequences over $X$ is well quasi ordered by the sequence embedding
defined by $\sigma \le_* \sigma'$ if and only if $\sigma = x_1 \cdots x_k$ and
$\sigma' = \sigma'_0 x'_1 \sigma'_1 \cdots \sigma'_{k-1} x'_k \sigma'_k$ for
some $x_j \le_X x'_j$ in $X$ for $1 \le j \le k$ and some $\sigma'_j$ in $X^*$
for $0 \le j \le k$. For instance, finite sequences in $\Sigma^*$ for a finite
alphabet $(\Sigma, =)$ form a wqo. This result is also known as Higman’s
Lemma.

In the following, we call elementary those wqos obtained from finite sets
$(X, =)$ through finitely many applications of Dickson’s and Higman’s
lemmas. Note that $(\mathbb{N}, \le)$ is elementary since it is isomorphic
with finite sequences over some unary alphabet with equality.


4. WQO Ideals 


Downward-closed sets $D$ can be denoted by a finite set of elements in
$X$: since $X \setminus D$ is upward closed, it is the upward closure of a
finite set $B \subseteq X \setminus D$ thanks to Fact 3.4. We deduce the
following decomposition:

\[ D = \bigcap_{x \in B} (X \setminus \uparrow x) . \]

In this section, we recall an alternative way of decomposing
downward-closed sets, namely as finite unions of ideals. This is a classical
notion—Fraïssé [Section 4.5] attributes finite ideal decompositions to
Bonnet [5]—which has been rediscovered in the study of well structured
transition systems [13]. Let us review the basic theory of ideals, as can be
found in [5], see in particular [46] for a gentle introduction.

4.1. Ideals. A subset $S$ of a qo $(X, \le)$ is directed if for every
$x_1, x_2 \in S$ there exists $x \in S$ such that both $x_1 \le x$ and
$x_2 \le x$. An ideal $I$ is a directed non-empty downward-closed set. The
class of ideals of $X$ is denoted by $\mathrm{Idl}(X)$.

Example 4.1 (Well orders). In an ordinal $\alpha$ seen in set-theoretic terms
as $\{\beta \mid \beta < \alpha\}$, any $\beta \le \alpha$ is a
downward-closed directed subset of $\alpha$, and conversely any
downward-closed directed subset of $\alpha$ is some $\beta \le \alpha$. Hence
the ideals of $\alpha$ are exactly the elements of $\alpha + 1$ except $0$. □

4.1.1. Ideals as Irreducible Downward-Closed Sets. An alternative
characterisation of ideals shows that they are the irreducible
downward-closed sets of a qo $(X, \le)$:

Fact 4.2 (Ideals are Irreducible [22, 13, 16]). Let $I$ be a non-empty
downward-closed set. The following are equivalent:

(1) $I$ is an ideal,

(2) for every pair of downward-closed sets $(D_1, D_2)$, if
$I = D_1 \cup D_2$, then $I = D_1$ or $I = D_2$, and

(3) for every pair of downward-closed sets $(D_1, D_2)$, if
$I \subseteq D_1 \cup D_2$, then $I \subseteq D_1$ or $I \subseteq D_2$.

Because we find the proof of this fact enlightening, we recall
the main ideas here:

Proof of (1) ⟹ (2). Assume that $I$ is an ideal and let $(D_1, D_2)$ be two
downward-closed sets such that $I = D_1 \cup D_2$. If $I = D_1$ we are done,
so we can assume that there exists $x \in I \setminus D_1$. Because
$D_2 \subseteq I$, it remains to prove that $I \subseteq D_2$.

Consider any $y \in I$. Because $I$ is directed, there exists $m \in I$ such
that $x, y \le m$. Observe that $m \in I \subseteq D_1 \cup D_2$ but
$m \notin D_1$ since $D_1$ is downward-closed, $x \le m$ and $x \notin D_1$.
Thus $m \in D_2$, and since $D_2$ is downward-closed, $y \in D_2$. We have
shown that $I \subseteq D_2$. □

Proof of (2) ⟹ (3). Let $I$ be a non-empty downward-closed set satisfying
item 2 and let $(D_1, D_2)$ be a pair of downward-closed sets with
$I \subseteq D_1 \cup D_2$. Define
$D'_1 \stackrel{\text{def}}{=} D_1 \cap I$ and
$D'_2 \stackrel{\text{def}}{=} D_2 \cap I$: then $I = D'_1$ or $I = D'_2$ by
item 2, and therefore $I \subseteq D_1$ or $I \subseteq D_2$. □

Proof of (3) ⟹ (1). Let $I$ be a non-empty downward-closed set satisfying
item 3. Consider $x_1, x_2 \in I$ along with the downward-closed sets
$D_1 \stackrel{\text{def}}{=} X \setminus \uparrow x_1$ and
$D_2 \stackrel{\text{def}}{=} X \setminus \uparrow x_2$. Observe that, if
$I \subseteq D_1 \cup D_2$, by item 3 $I \subseteq D_1$ or $I \subseteq D_2$,
and in both cases we get a contradiction with $x_1, x_2 \in I$. Hence,
there exists $m \in I \setminus (D_1 \cup D_2)$, thus $x_1, x_2 \le m$ and we
have shown that $I$ is directed. □

Footnote 1. The set of ideals equipped with the inclusion relation is also
called the completion of the wqo $(X, \le)$, see [13].


Example 4.3 (Finite sets). In a finite wqo $(X, =)$, any subset of $X$ is
downward-closed. The ideals are thus exactly the singletons over $X$: any
other non-empty subset of $X$ can be split into simpler sets. □


Corollary 4.4. An ideal $I$ is included in a finite union
$D_1 \cup \cdots \cup D_k$ of downward-closed sets $D_1, \dots, D_k$ if and
only if $I \subseteq D_j$ for some $1 \le j \le k$.

Proof. By induction on $k$ using Fact 4.2. □


4.1.2. Finite Decompositions. Observe that any downward-closed set of the
form $\downarrow x$ is an ideal, hence any downward-closed set is a union of
ideals. However, the main interest we find with ideals is that they provide
finite decompositions for downward-closed subsets of wqos:

Fact 4.5 (Canonical Ideal Decompositions [22, 13, 16]). Every
downward-closed set over a wqo is the union of a unique finite family of
incomparable (for the inclusion) ideals.

Let us again recall the proof:

Proof. Assume for the sake of contradiction that there exists a
downward-closed set $D$ of a wqo $(X, \le)$, for which only infinite ideal
decompositions exist. Because $(X, \le)$ is a wqo, by Fact 3.3
$(\mathrm{Idl}(X), \subseteq)$ is well-founded and we can choose $D$ minimal
for inclusion. Observe that $D$ is nonempty (or it would be an empty union of
ideals). Whenever $D = D_1 \cup D_2$ for some downward-closed sets $D_1$ and
$D_2$, there is $i$ in $\{1, 2\}$ such that $D_i$ requires an infinite ideal
decomposition, and thus by minimality of $D$, $D = D_i$. By Fact 4.2 $D$ is an
ideal, contradiction. Finally, the unicity of the decomposition follows from
Corollary 4.4. □


The statement of Fact 4.5 can be strengthened: it already holds for FAC
partial orders.


4.2. Adherent Ideals. Consider some subset $S$ of $X$. We call an ideal $I$
of $X$ an adherent ideal of $S$, and say that $I$ is in the adherence of $S$,
if there exists a directed subset $\Delta \subseteq S$ such that
$\downarrow \Delta = I$.

By Fact 4.5, the downward-closure $\downarrow S$ has a canonical ideal
decomposition. The following lemma shows that the ideals in this
decomposition are in the adherence of $S$.


Lemma 4.6. Let $(X, \le)$ be a wqo and $S \subseteq X$. Then every maximal
ideal of $\downarrow S$ is in the adherence of $S$.

Proof. Assume that $S$ is non-empty—or the lemma holds trivially. Let us
write $\downarrow S = J \cup J_1 \cup \cdots \cup J_k$ for the canonical
decomposition of $\downarrow S$. By minimality of this decomposition, there
exists $x_J$ in $J$ such that $x_J \notin J_j$ for all $1 \le j \le k$. Thus
any element $s$ in $\uparrow x_J \cap S$ must belong to $J$.

Let us show that $J \cap S$ is directed: for $s, s' \in J \cap S$, because $J$
is directed we first find $y$ in $J$ larger or equal to $s$, $s'$, and $x_J$.
Since $J \subseteq \downarrow S$, we then find $s'' \ge y$ in $S$. By the
remark made in the previous paragraph, since $s'' \ge x_J$, $s''$ also belongs
to $J$.

It remains to show that $J = \downarrow (J \cap S)$. It suffices to show the
inclusion $J \subseteq \downarrow (J \cap S)$ since the converse inclusion is
immediate. Consider any $y$ from $J$. Then there exists $y'$ in $J$ larger or
equal to both $y$ and $x_J$, and again since $J \subseteq \downarrow S$ and by
definition of $x_J$ there exists $s \ge y'$ in $J \cap S$. □


Later in Section 5 we will exploit Lemma 4.6 in a particular setting, where 
a downward-closed over-approximation D of S is known. 


Lemma 4.7. Let $(X, \le)$ be a wqo, $S \subseteq D \subseteq X$ for $D$
downward-closed, and $I$ be a maximal ideal of $D$. Then
$I \subseteq \downarrow S$ if and only if $I$ is in the adherence of $S$.


Proof. If there exists a directed set $\Delta \subseteq S$ such that
$I = \downarrow \Delta$, then $I \subseteq \downarrow S$.

Conversely, assume that $I \subseteq \downarrow S$. Because $I$ is non-empty,
this means that $\downarrow S$ has a non-empty ideal decomposition into
maximal ideals by Fact 4.5. Furthermore, by Corollary 4.4, $I$ is included
into one of those maximal ideals $J$ of $\downarrow S$.

Because $J \subseteq D$, by Corollary 4.4 again there exists $I'$ a maximal
ideal of $D$ with $J \subseteq I'$. Hence $I = J = I'$, or $I$ would not be a
maximal ideal of $D$. Then Lemma 4.6 allows to conclude that $I = J$ is in the
adherence of $S$. □


4.3. Effective Ideal Representations. Thanks to Fact 4.5, any
downward-closed set has a representation using finitely many ideals. Should we
manage to find effective representations of wqo ideals, this will provide us
with algorithmic means to manipulate downward-closed sets. We merely provide
pointers to the existing results on this endeavour here.


4.3.1. Natural Numbers. As seen in Example 4.1, the ideals of
$(\mathbb{N}, \le)$ are either $\downarrow n$ for some finite
$n \in \mathbb{N}$, or the whole of $\mathbb{N}$ itself. As done classically
in the VAS literature, we represent the latter using a new element noted
“$\omega$” with $n < \omega$ for all $n \in \mathbb{N}$, and denote the new
set $\mathbb{N}_\omega \stackrel{\text{def}}{=} \mathbb{N} \uplus \{\omega\}$.
For notational convenience, we write $\downarrow \omega$ for $\mathbb{N}$, so
that an ideal of $(\mathbb{N}, \le)$ can be written as $\downarrow x$ for $x$
in $\mathbb{N}_\omega$.


4.3.2. Cartesian Products. Let $(X, \le_X)$ and $(Y, \le_Y)$ be two wqos, and
assume that we know how to represent the ideals in $\mathrm{Idl}(X)$ and
$\mathrm{Idl}(Y)$. Then the ideals of $X \times Y$ equipped with the product
ordering have a simple enough representation as pairs of ideals:

\[ \mathrm{Idl}(X \times Y) = \{ I \times J \mid I \in \mathrm{Idl}(X) \wedge J \in \mathrm{Idl}(Y) \} . \tag{2} \]


Configurations. For example, configuration ideals can be represented as
$\downarrow v$ for a vector $v$ in $\mathbb{N}_\omega^d$.

In this paper we often find it convenient to identify partial vectors $u$ in
$\mathbb{N}^F$ for some subset $F \subseteq \{1, \dots, d\}$ with vectors $v$
in $\mathbb{N}_\omega^d$, with finite values over $F$, such that
$v(i) = \omega$ if $i \notin F$ and $v(i) = u(i)$ otherwise. Then projections
$\pi_F \colon \mathbb{N}_\omega^d \to \mathbb{N}_\omega^d$ on a set
$F \subseteq \{1, \dots, d\}$ can be defined for all $1 \le i \le d$ by

\[ \pi_F(u)(i) \stackrel{\text{def}}{=} \begin{cases} u(i) & \text{if } i \in F \\ \omega & \text{otherwise.} \end{cases} \tag{3} \]
Transitions. By Dickson’s Lemma, the product ordering over
$\mathbb{N}^d \times A \times \mathbb{N}^d$ is a wqo.

A transition ideal is an ideal of $\mathbb{N}^d \times A \times \mathbb{N}^d$
that is the downward closure of a set of transitions of $\mathrm{Trans}_A$.
As seen in Example 4.3, the ideals of $A$ are the singletons $\{a\}$ for
$a \in A$. By (2), the ideals of $\mathbb{N}^d \times A \times \mathbb{N}^d$
can thus be presented as downward-closures of triples $(u, a, v)$ in
$\mathbb{N}_\omega^d \times A \times \mathbb{N}_\omega^d$.

Transition ideals are going to form a particular class of such triples. Let
us define addition over $\mathbb{Z} \uplus \{\omega\}$ by
$k + \omega = \omega + k = \omega + \omega = \omega$. A partial transition is
a triple $(u, a, v)$ in
$\mathbb{N}_\omega^d \times A \times \mathbb{N}_\omega^d$ such that
$v = u + a$. The following is immediate by continuity, but can also be given a
non-topological proof:

Lemma 4.8. The transition ideals of
$\mathbb{N}^d \times A \times \mathbb{N}^d$ are exactly the sets
$\downarrow t$ with $t$ a partial transition.


Proof. First notice that $\downarrow (u, a, u + a)$ for some $u$ in
$\mathbb{N}_\omega^d$ and $a$ in $A$ is a transition ideal of
$\mathbb{N}^d \times A \times \mathbb{N}^d$: it is non-empty, directed, and
the downward closure of a set of transitions in $\mathrm{Trans}_A$.

Conversely, let $I \subseteq \mathrm{Trans}_A$ be a transition ideal. There
exists a set $T \subseteq \mathrm{Trans}_A$ such that $I = \downarrow T$. Then
$I = \downarrow (u, a, v)$ for $u, v$ in $\mathbb{N}_\omega^d$ and $a$ in $A$.
Let us show that $v = u + a$. Assume for the sake of contradiction that there
exists $1 \le i \le d$ such that $v(i) < u(i) + a(i)$. There exists $u'$ in
$\downarrow u$ such that $v(i) < u'(i) + a(i)$. Moreover, since $u'$ is in
$\downarrow u$, there exists $(u'', a, u'' + a) \in T$ such that
$u' \le u''$. But then $u'' + a$ does not belong to $\downarrow v$ since
$u''(i) + a(i) \ge u'(i) + a(i) > v(i)$. This is a contradiction. The case
where there exists $1 \le i \le d$ such that $v(i) > u(i) + a(i)$ is
similar. □


Partial transitions can also be viewed as projected transitions:

\[ \pi_F((u, a, v)) \stackrel{\text{def}}{=} (\pi_F(u), a, \pi_F(v)) . \tag{4} \]


4.3.3. Finite Sequences. In the case of sequences over a finite alphabet
$(\Sigma, =)$, Jullien first characterised the ideals using a simple form of
regular expressions, which was later rediscovered by Abdulla et al. [1] for
the verification of lossy channel systems. A representation of ideals for
sequences over an arbitrary wqo $(X, \le)$ was given by Kabil and Pouzet [22]
and also rediscovered in the context of well-structured systems by Finkel and
Goubault-Larrecq [13].

Assume as before that we know how to represent the ideals in
$\mathrm{Idl}(X)$. Define an atom $A$ over $X$ as a language
$A \subseteq X^*$ of the form $A = D^*$ where $D$ is a downward-closed set of
$X$—i.e. a finite union of ideals from $\mathrm{Idl}(X)$—, or of the form
$A = I \cup \{\varepsilon\}$ where $I$ is an ideal from $\mathrm{Idl}(X)$ and
$\varepsilon$ denotes the empty sequence. A product $P \subseteq X^*$ over $X$
is a finite concatenation $P = A_1 \cdots A_k$ of atoms $A_1, \dots, A_k$ over
$X$. We denote by $\mathrm{Prod}(X)$ the set of products over $X$.


Fact 4.9. The ideals of $X^*$ are the products over $X$.

It is convenient for algorithmic tasks to have a canonical representation of
ideals. In the case of products over $X$, there is no uniqueness of
representation, e.g. $(a + b)^* \cdot b^*$ denotes the same ideal as
$(a + b)^*$ over $X = \{a, b\}$. We can avoid such redundancies by considering
reduced products $P = A_1 \cdots A_k$, where for every $j$ the following
conditions hold:

(1) $A_j \ne \emptyset^*$,

(2) if $j + 1 \le k$ and $A_{j+1}$ is some $D^*$, then
$A_j \not\subseteq A_{j+1}$,

(3) if $j - 1 \ge 1$ and $A_{j-1}$ is some $D^*$, then
$A_j \not\subseteq A_{j-1}$.

Because inclusion tests between effective representations of ideals are usually
decidable, these conditions can effectively be enforced.

Fact 4.10. Every ideal of $X^*$ admits a canonical representation as a reduced
product over $X$.

4.3.4. Effectiveness. In order to be usable in algorithms, wqo ideals need
to be effectively represented. Following Goubault-Larrecq et al. [16], one
can check that all the elementary wqos $(X, \le)$ enjoy a number of
effectiveness properties. Besides some basic desiderata, among which being
able to decide whether (the representation of) two elements of $X$ coincide or
are related through $\le$, and similarly for $\mathrm{Idl}(X)$ and the
inclusion ordering, our elementary wqos are in particular equipped with (see
[16] for details):

II: an algorithm taking any pair of (representations of) ideals $I$ and $J$
in $\mathrm{Idl}(X)$ and returning (a representation of) an ideal
decomposition of $I \cap J$, and

CU’: an algorithm taking any (representation of an) element $x$ in $X$
and returning (a representation of) an ideal decomposition of
$X \setminus \uparrow x$.

By combining those two algorithms, we get:

Corollary 4.11 ([16]). Let $(X, \le)$ be an elementary wqo. There is an
algorithm taking any (representation of an) ideal $I$ in $\mathrm{Idl}(X)$ and
any (representation of an) element $x$ in $X$ and returning (a representation
of) an ideal decomposition of $I \setminus \uparrow x$.


5. A WQO on Runs 

The key idea in our explanation of the KLMST decomposition is to see
it as building the ideals of the downward-closure of
$\mathrm{Runs}_A(x, y)$ for an appropriate well quasi ordering defined by
Jancar [20] and Leroux [30]. The reachability problem can then be restated as
asking whether $\downarrow \mathrm{Runs}_A(x, y)$ is non empty, i.e. whether
the ideal decomposition of $\downarrow \mathrm{Runs}_A(x, y)$ is empty or not.


5.1. Ordering Preruns and Runs. There is a natural ordering $\unlhd$ of
preruns. The product ordering over
$\mathbb{N}^d \times A \times \mathbb{N}^d$ can be lifted to an embedding
between sequences of tuples in
$(\mathbb{N}^d \times A \times \mathbb{N}^d)^*$. Finally, we denote by
$\unlhd$ the natural ordering over $\mathrm{PreRuns}_A$ (see Figure 2 for an
illustration in the particular case of runs). For a set of runs $\Omega$, we
write $\downarrow \Omega$ for its downward-closure inside
$\mathrm{PreRuns}_A$, i.e.

\[ \downarrow \Omega \stackrel{\text{def}}{=} \{ \rho \in \mathrm{PreRuns}_A \mid \exists \rho' \in \Omega.\ \rho \unlhd \rho' \} . \tag{5} \]


5.1.1. Transformer Relations. Embeddings between runs can also be
understood in terms of transformer relations (aka production relations) à la
Hauschildt [18] and Leroux: the relation $\curvearrowright_c$ with capacity
$c$ in $\mathbb{N}^d$ is the relation included in
$\mathbb{N}^d \times \mathbb{N}^d$ defined by $u \curvearrowright_c v$ if
there exists a run from $u + c$ to $v + c$.

Figure 2. A run embedding for $\unlhd$.


5.1.2. Run Amalgamation. Leroux [30] observed that, thanks to monotonicity,
each $\curvearrowright_c$ is a periodic relation (see Section 2):
$0 \curvearrowright_c 0$, as witnessed by the empty run, and if
$u \curvearrowright_c v$ and $u' \curvearrowright_c v'$, as witnessed by
$u + c \xrightarrow{\sigma} v + c$ and $u' + c \xrightarrow{\sigma'} v' + c$
respectively, then $u + u' \curvearrowright_c v + v'$ as witnessed by
$u + u' + c \xrightarrow{\sigma} v + u' + c \xrightarrow{\sigma'} v + v' + c$.
Translated in terms of embeddings, the same reasoning shows:

Proposition 5.1. Let $\rho_0$, $\rho_1$, and $\rho_2$ be runs with
$\rho_0 \unlhd \rho_1, \rho_2$. Then there exists a run $\rho_3$ such that
$\rho_1, \rho_2 \unlhd \rho_3$.


Proof. Let
$\rho_0 = c_0 \xrightarrow{a_1} c_1 \cdots c_{k-1} \xrightarrow{a_k} c_k$.
From $\rho_0 \unlhd \rho_1$, we can write $\rho_1$ as

\[ \rho_1 = v_0 + c_0 \xrightarrow{\sigma_0} v_1 + c_0 \xrightarrow{a_1} v_1 + c_1 \cdots v_k + c_{k-1} \xrightarrow{a_k} v_k + c_k \xrightarrow{\sigma_k} v_{k+1} + c_k \]

where $v_0, \dots, v_{k+1}$ is a sequence of vectors in $\mathbb{N}^d$.
Symmetrically, from $\rho_0 \unlhd \rho_2$, we can write

\[ \rho_2 = v'_0 + c_0 \xrightarrow{\sigma'_0} v'_1 + c_0 \xrightarrow{a_1} v'_1 + c_1 \cdots v'_k + c_{k-1} \xrightarrow{a_k} v'_k + c_k \xrightarrow{\sigma'_k} v'_{k+1} + c_k \]

where $v'_0, \dots, v'_{k+1}$ is a sequence of vectors in $\mathbb{N}^d$.

Define

\[ \rho_3 = v_0 + v'_0 + c_0 \xrightarrow{\sigma_0} v_1 + v'_0 + c_0 \xrightarrow{\sigma'_0} v_1 + v'_1 + c_0 \xrightarrow{a_1} v_1 + v'_1 + c_1 \cdots v_k + v'_k + c_{k-1} \xrightarrow{a_k} v_k + v'_k + c_k \xrightarrow{\sigma_k} v_{k+1} + v'_k + c_k \xrightarrow{\sigma'_k} v_{k+1} + v'_{k+1} + c_k . \]

□


Note that the proof of Proposition 5.1 further shows that when
$\rho_0, \rho_1, \rho_2 \in \mathrm{Runs}_A(x, y)$, then
$\rho_3 \in \mathrm{Runs}_A(x, y)$ as well.

5.1.3. Prerun Ideals. By Fact 4.9 and Equation 2, the ideals of
$\mathrm{PreRuns}_A$ are of the form
$\downarrow u \times P \times \downarrow v$ where $u$ and $v$ are in
$\mathbb{N}_\omega^d$ and $P$ is a product over
$\mathbb{N}^d \times A \times \mathbb{N}^d$, i.e. can be represented as a
regular expression over the alphabet
$\mathbb{N}_\omega^d \times A \times \mathbb{N}_\omega^d$.

5.2. Abstraction Refinement Procedure. Because runs are particular
preruns, we can look at the downward-closure of $\mathrm{Runs}_A(x, y)$ inside
$\mathrm{PreRuns}_A$. By Fact 4.5 this set has a finite decomposition using
prerun ideals from $\mathrm{Idl}(\mathrm{PreRuns}_A)$. This suggests an
abstraction refinement procedure to compute the ideal decomposition of
$\downarrow \mathrm{Runs}_A(x, y)$.

5.2.1. A Procedure for Reachability. An idea that looks promising is to
build a descending sequence of downward-closed sets
$D_0 \supsetneq D_1 \supsetneq \cdots$ inside $\mathrm{PreRuns}_A$ while
maintaining $\downarrow \mathrm{Runs}_A(x, y) \subseteq D_n$ at all steps,
until we find the ideal decomposition of
$\downarrow \mathrm{Runs}_A(x, y)$. By Fact 4.5 we can work with finite sets
of incomparable ideals to represent the $D_n$'s.

We start therefore with

\[ D_0 \stackrel{\text{def}}{=} \mathrm{PreRuns}_A . \tag{6} \]

Assume we are provided with an oracle to decide whether an ideal $I$ from
$D_n$ is included in $\downarrow \mathrm{Runs}_A(x, y)$ and extract a
counter-example otherwise. If $I \subseteq \downarrow \mathrm{Runs}_A(x, y)$
for all the (finitely many) maximal ideals $I$ in $D_n$ we stop; otherwise we
find a maximal ideal $I$ from the decomposition of $D_n$ s.t.

\[ \exists w \in I \setminus \downarrow \mathrm{Runs}_A(x, y) \tag{7} \]

and thanks to Corollary 4.11 we construct an ideal decomposition of

\[ D' \stackrel{\text{def}}{=} I \setminus \uparrow w \tag{8} \]

and we can refine $D_n$ and construct the downward-closed set for the next
iteration—which involves removing redundant ideals—by

\[ D_{n+1} \stackrel{\text{def}}{=} D' \cup (D_n \setminus I) . \tag{9} \]

The procedure terminates by Fact 3.3 but depends on an oracle to
perform (7).
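
The operations II and CU’ of Section 4.3.4, Corollary 4.11, and the refinement loop (6)–(9) can be run end to end on a much simpler wqo than preruns. The following Python sketch is an added example, not code from the paper: it takes $X = \mathbb{N}^d$, represents an ideal $\downarrow v$ by its vector $v$ over $\mathbb{N}_\omega$, and replaces the oracle by a trivial test because the target set is $\downarrow S$ for a finite $S$ supplied by the caller. All function names are this example's own.

```python
import math

OMEGA = math.inf   # stands for the extra element ω of N_ω

def leq(u, v):
    """Inclusion ↓u ⊆ ↓v of two ideals of N^d, i.e. u <= v componentwise."""
    return all(a <= b for a, b in zip(u, v))

def maximal(ideals):
    """Remove redundant ideals: keep only the inclusion-maximal ones."""
    uniq = set(ideals)
    return {v for v in uniq if not any(v != w and leq(v, w) for w in uniq)}

def intersect(u, v):
    """(II) for N^d: ↓u ∩ ↓v is the single ideal ↓min(u, v)."""
    return tuple(min(a, b) for a, b in zip(u, v))

def complement_up(x):
    """(CU') for N^d: ideal decomposition of N^d \\ ↑x, one ideal per
    coordinate i with x(i) > 0 (bounded by x(i) - 1 there, ω elsewhere)."""
    d = len(x)
    return {tuple(x[i] - 1 if j == i else OMEGA for j in range(d))
            for i in range(d) if x[i] > 0}

def remove_up(v, x):
    """Corollary 4.11 for N^d: ideal decomposition of ↓v \\ ↑x."""
    return maximal(intersect(v, c) for c in complement_up(x))

def refine(S, d):
    """Refinement loop (6)-(9) transposed to N^d with target ↓S, S finite.
    Returns the canonical ideal decomposition found and the step count."""
    bound = max((max(s) for s in S), default=0) + 1
    D = {tuple([OMEGA] * d)}                   # (6): D_0 is the whole space
    steps = 0
    while True:
        # Oracle: by Corollary 4.4, ↓I ⊆ ↓S iff I <= s for some s in S.
        bad = next((I for I in sorted(D)
                    if not any(leq(I, s) for s in S)), None)
        if bad is None:
            return D, steps
        # (7): a finite counter-example w in ↓bad that is outside ↓S.
        w = tuple(bound if c == OMEGA else c for c in bad)
        # (8) and (9): replace bad by ↓bad \ ↑w and drop redundant ideals.
        D = maximal(remove_up(bad, w) | (D - {bad}))
        steps += 1

if __name__ == "__main__":
    print(remove_up((OMEGA, 2), (3, 2)))
    print(refine({(1, 0), (0, 2)}, 2))
    print(refine(set(), 2))                    # empty decomposition
```

Each iteration removes at least the counter-example $w$ from $D_n$, so the chain is strictly descending and the loop stops by Fact 3.3; an empty result means the target set is empty.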


5.2.2. Adherence Membership. Turning the previous abstraction refinement
procedure into an algorithm hinges on the effective checking of
$I \subseteq \downarrow \mathrm{Runs}_A(x, y)$ for a maximal prerun ideal $I$
of $D_n$.

Note that, in general, deciding whether
$I \subseteq \downarrow \mathrm{Runs}_A(x, y)$ for a prerun ideal $I$ is at
least as hard as VAS Reachability: observe indeed that
$\downarrow (0, \varepsilon, 0) \subseteq \downarrow \mathrm{Runs}_A(x, y)$
if and only if $\mathrm{Runs}_A(x, y) \ne \emptyset$. We know this
containment check to be decidable thanks to the Decomposition Theorem
but have at the moment no clue how to prove decidability without first
assuming that there is an algorithm computing the ideal decomposition of
$\mathrm{Runs}_A(x, y)$.

We are therefore going to consider an adherence membership test instead.
Indeed, by Lemma 4.7 and because $\mathrm{Runs}_A(x, y) \subseteq D_n$ for all
$n$, we know that this containment check is equivalent to testing whether $I$
is in the adherence of $\mathrm{Runs}_A(x, y)$.


Problem: Adherence Membership of Prerun Ideals.

input: A $d$-dimensional VAS $A$, two configurations $x$ and $y$ in
$\mathbb{N}^d$, and an ideal $I$ in $\mathrm{Idl}(\mathrm{PreRuns}_A)$.

question: Is $I$ in the adherence of $\mathrm{Runs}_A(x, y)$?

As we show in the appendix, this problem in its full generality is undecidable:


Theorem 5.2. The adherence membership of prerun ideals is already
undecidable for ideals of the form
$\downarrow x \times D^* \times \downarrow x$ for $D$ a downward-closed subset
of $\mathrm{Trans}_A$ and $x$ in $\mathbb{N}^d$.


All is not lost however: we ask with the adherence membership problem 
for more than really needed. In the decomposition algorithm, I presents 
some further structure that can be exploited towards an algorithm. This 
motivates a deeper investigation of the properties of run ideals, which will 
be the object of the next sections. 


6. Local Adherent Ideals 

We start our investigation of the ideals of ${\downarrow}\mathrm{Runs}_A(x, y)$ by looking at
rather restricted classes of runs. The treatment of this restricted case will
turn out to contain most of the technical challenges of the next section on
general run ideals, where we will assemble those local ideals into global ones.
More precisely, we focus on sets $\Omega_\gamma$ of runs of the form

$c + u \xrightarrow{\sigma} c + v$ (10)

where $c$ is a configuration in $\mathbb{N}^d$, $\sigma$ is a sequence in $A^*$, and $(u, v)$ is a
pair of configurations in a periodic set (see Section 2) $P$ included in the
transformer relation $\overset{c}{\curvearrowright}$. We write $\gamma$ for the pair $(c, P)$. As we are going to
see in Lemma 6.3, ${\downarrow}\Omega_\gamma$ is an ideal of a particular form, for which an effective
representation can be found, see Section 6.2.


6.1. Periodic Transformer Subrelations. Formally, let $\gamma$ denote a pair
$(c, P)$ where $c$ is in $\mathbb{N}^d$ and $P \subseteq \overset{c}{\curvearrowright}$ is periodic. This is a familiar object, and
we will reuse several statements from the literature. Following the notations
from [31], let

• $\Omega_\gamma$ denote the set of runs of the form (10),

• $Q_\gamma \subseteq \mathbb{N}^d$ denote the set of configurations $q$ that appear along some
run in $\Omega_\gamma$—thus in particular $c + u$ and $c + v$ belong to $Q_\gamma$ whenever
$(u, v)$ are in $P$.

Example 6.1. Let us consider the 3-dimensional VAS $A = \{a, b\}$ where
$a = (1, 1, -1)$ and $b = (-1, 0, 1)$, and the pair $\gamma = (c, P)$ where $c = (1, 0, 1)$
and $P = \mathbb{N}(\mathbf{0}, y)$ with $y = (0, 1, 0)$. Note that $P$ is included in $\overset{c}{\curvearrowright}$ since
there exists a run $c \xrightarrow{(ab)^n} c + ny$ for every $n$. We have

$\Omega_\gamma = \{c \xrightarrow{w_1 \cdots w_n} c + ny \mid n \in \mathbb{N}, w_j \in \{ab, ba\}\}$ ,

$Q_\gamma = (c + a + \mathbb{N}y) \cup (c + \mathbb{N}y) \cup (c + b + \mathbb{N}y)$ .


The set $\Omega_\gamma$ is depicted in Figure 3. □


6.1.1. Saturated Pairs. We denote by $F_\gamma^{\mathrm{in}}$ (resp. $F_\gamma^{\mathrm{out}}$) the sets of indices $i$
such that $u(i) = 0$ (resp. $v(i) = 0$) for every pair $(u, v) \in P$. We say that a
pair $(u, v)$ in $P$ saturates $(F_\gamma^{\mathrm{in}}, F_\gamma^{\mathrm{out}})$ if $u(i) = 0$ implies $i \in F_\gamma^{\mathrm{in}}$ and $v(i) = 0$
implies $i \in F_\gamma^{\mathrm{out}}$. Since $P$ is periodic, by summing at most $2d$ pairs in $P$,
we see that there exist pairs in $P$ that saturate $(F_\gamma^{\mathrm{in}}, F_\gamma^{\mathrm{out}})$.

Figure 4. The graph $G_\gamma$ with its input $s_\gamma^{\mathrm{in}}$ and output $s_\gamma^{\mathrm{out}}$ for Example 6.1.


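By projecting $c$, we obtain two partial configurations $s_\gamma^{\mathrm{in}}$ and $s_\gamma^{\mathrm{out}}$:

$s_\gamma^{\mathrm{in}} \stackrel{\text{def}}{=} \pi_{F_\gamma^{\mathrm{in}}}(c)$ , $s_\gamma^{\mathrm{out}} \stackrel{\text{def}}{=} \pi_{F_\gamma^{\mathrm{out}}}(c)$ . (11)


Example 6.1 (continued). We have for our example:

$F_\gamma^{\mathrm{in}} = \{1, 2, 3\}$ , $F_\gamma^{\mathrm{out}} = \{1, 3\}$ ,

$s_\gamma^{\mathrm{in}} = (1, 0, 1)$ , $s_\gamma^{\mathrm{out}} = (1, \omega, 1)$ .

Note that $(\mathbf{0}, y)$ saturates $(F_\gamma^{\mathrm{in}}, F_\gamma^{\mathrm{out}})$. □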


6.2. Representation through Marked Witness Graphs. We investigate
in this section how to effectively represent ${\downarrow}\Omega_\gamma$. In the sequel, we show
that this ideal can be represented using the set of edges of a strongly
connected graph called a witness graph (see Lemma 6.2) enjoying some pumping
properties with respect to $s_\gamma^{\mathrm{in}}$ and $s_\gamma^{\mathrm{out}}$ (see Lemma 6.4). Such graphs will
turn out to be exactly the ones employed by Lambert [26] in his variant of
the KLMST decomposition (see also [29]).


6.2.1. Marked Witness Graphs. A witness graph is a strongly connected
directed graph $G = (S, E, s)$ where $S$ is a non-empty finite set of partial
configurations in $\mathbb{N}_F^d$ for some $F \subseteq \{1, \ldots, d\}$, $E \subseteq S \times A \times S$ is a finite set
of partially defined transitions, and $s$ is a distinguished state in $S$.

A marked witness graph is a triple $M = (s^{\mathrm{in}}, G, s^{\mathrm{out}})$ where $G$ is a witness
graph, and $s^{\mathrm{in}}$ and $s^{\mathrm{out}}$ are partial configurations in $\mathbb{N}_{F^{\mathrm{in}}}^d$ and $\mathbb{N}_{F^{\mathrm{out}}}^d$ for some
$F^{\mathrm{in}}, F^{\mathrm{out}} \supseteq F$ such that $\pi_F(s^{\mathrm{in}}) = \pi_F(s^{\mathrm{out}}) = s$. We associate with $M$ the
set $\Omega_M$ of runs $\rho$ of the form $x \xrightarrow{\sigma} y$ where $\sigma$ is the label of a cycle on $s$ in
$G$, and such that $s^{\mathrm{in}} = \pi_{F^{\mathrm{in}}}(x)$ and $s^{\mathrm{out}} = \pi_{F^{\mathrm{out}}}(y)$.

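6.2.2. Projected Graphs. Let $F_\gamma \subseteq \{1, \ldots, d\}$ denote the set of indices $i$ such
that $\{q(i) \mid q \in Q_\gamma\}$ is finite, i.e. the indices where $Q_\gamma$ remains bounded.
Note that this entails $F_\gamma \subseteq F_\gamma^{\mathrm{in}}$ and $F_\gamma \subseteq F_\gamma^{\mathrm{out}}$. We denote by $\pi_\gamma$ the
projection function $\pi_{F_\gamma}$.

Observe that the projection $S_\gamma \stackrel{\text{def}}{=} \pi_\gamma(Q_\gamma)$ of $Q_\gamma$ is finite, and so is $E_\gamma$
the set of partial transitions $(\pi_\gamma(q), a, \pi_\gamma(q'))$ where $(q, a, q')$ appears in
some run in $\Omega_\gamma$. We distinguish $s_\gamma \stackrel{\text{def}}{=} \pi_\gamma(c)$ as a particular state in $S_\gamma$.
We denote by $G_\gamma \stackrel{\text{def}}{=} (S_\gamma, E_\gamma, s_\gamma)$ the finite labelled directed graph defined
by projecting the runs in $\Omega_\gamma$, and $M_\gamma \stackrel{\text{def}}{=} (s_\gamma^{\mathrm{in}}, G_\gamma, s_\gamma^{\mathrm{out}})$ the corresponding
marked graph with input $s_\gamma^{\mathrm{in}}$ and output $s_\gamma^{\mathrm{out}}$.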


Example 6.1 (continued). Projecting $Q_\gamma$ on $F_\gamma = \{1, 3\}$ yields
$\pi_\gamma(c + a + ny) = (2, \omega, 0)$, $\pi_\gamma(c + ny) = (1, \omega, 1)$, and $\pi_\gamma(c + b + ny) = (0, \omega, 2)$:

$s_\gamma = (1, \omega, 1)$ ,

$S_\gamma = \{(2, \omega, 0), (1, \omega, 1), (0, \omega, 2)\}$ .

The graph $G_\gamma$ is depicted on Figure 4. □
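
The sets of Example 6.1 can be recomputed by brute force. The following Python code is an added illustration, not code from the paper: it enumerates the runs of $\Omega_\gamma$ up to a bound, checks them against the closed forms given above, and builds the projected graph $G_\gamma$. The function names, the bound `max_n`, the string `"w"` standing for $\omega$, and the finite test used to guess $F_\gamma$ are assumptions of this example.

```python
A = {"a": (1, 1, -1), "b": (-1, 0, 1)}  # the VAS of Example 6.1
C = (1, 0, 1)                            # the configuration c
Y = (0, 1, 0)                            # the period y, with P = N(0, y)
W = "w"                                  # stands for omega (unbounded component)


def add(x, v):
    return tuple(p + q for p, q in zip(x, v))


def runs(n):
    """All runs c --sigma--> c + n*y inside N^3, as (word, visited configurations).

    Since a + b = y and a, b are linearly independent, sigma has exactly
    n letters a and n letters b, so only words of length 2n are explored.
    """
    target = add(C, tuple(n * t for t in Y))
    found = []

    def extend(word, configs):
        if len(word) == 2 * n:
            if configs[-1] == target:
                found.append((word, configs))
            return
        for name, vec in A.items():
            nxt = add(configs[-1], vec)
            if min(nxt) >= 0:            # a run never leaves N^3
                extend(word + name, configs + [nxt])

    extend("", [C])
    return found


def in_block_form(word):
    """True if word = w_1 ... w_n with every w_j in {ab, ba}."""
    return all(word[i:i + 2] in ("ab", "ba") for i in range(0, len(word), 2))


def in_q_closed_form(q):
    """True if q is in (c + a + Ny) U (c + Ny) U (c + b + Ny)."""
    for base in (add(C, A["a"]), C, add(C, A["b"])):
        diff = tuple(p - b for p, b in zip(q, base))
        if diff[0] == 0 and diff[2] == 0 and diff[1] >= 0:
            return True
    return False


def transitions(max_n):
    """T_gamma restricted to runs with n <= max_n, as triples (q, action, q')."""
    return {(cfgs[i], word[i], cfgs[i + 1])
            for n in range(max_n + 1)
            for word, cfgs in runs(n)
            for i in range(len(word))}


def bounded_components(max_n):
    """Finite test for F_gamma (0-based indices), not a proof: a component is
    reported bounded when doubling the bound on n adds no new value to it."""
    def values(k):
        qs = {q for t in transitions(k) for q in (t[0], t[2])}
        return [{q[i] for q in qs} for i in range(len(C))]
    small, large = values(max_n), values(2 * max_n)
    return [i for i in range(len(C)) if small[i] == large[i]]


def project(q, bounded):
    return tuple(q[i] if i in bounded else W for i in range(len(q)))


def witness_graph(max_n=3):
    """The projected graph G_gamma = (S_gamma, E_gamma, s_gamma)."""
    f = bounded_components(max_n)
    edges = {(project(p, f), a, project(q, f)) for p, a, q in transitions(max_n)}
    states = {e[0] for e in edges} | {e[2] for e in edges}
    return states, edges, project(C, f)
```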


We associate to a prerun $\rho = (x, t_1 \cdots t_k, y)$ and a set $F \subseteq \{1, \ldots, d\}$, the
partial prerun:


$\pi_F(\rho) \stackrel{\text{def}}{=} (\pi_F(x), \pi_F(t_1) \cdots \pi_F(t_k), \pi_F(y))$

If $\rho$ is a run in $\Omega_\gamma$, then $\pi_\gamma(\rho)$ is a path inside $G_\gamma$, and by [31, Corollary
VIII.5], $\pi_\gamma(x) = \pi_\gamma(y) = s_\gamma$, which means that this path is actually a
cycle in $G_\gamma$. This in turn shows that $G_\gamma$ is strongly connected. This proves:


Lemma 6.2. The marked graph $M_\gamma$ is a marked witness graph such that
$\Omega_\gamma \subseteq \Omega_{M_\gamma}$.


6.2.3. Intraproductions. An intraproduction for $\gamma$ is a vector $h$ in $\mathbb{N}^d$ such
that $c + h$ belongs to $Q_\gamma$. We denote by $H_\gamma$ the set of intraproductions for
$\gamma$; note that it contains in particular $u$ and $v$ if $(u, v) \in P$.

Leroux [31, Lemma VIII.3] shows that $H_\gamma$ is periodic and $Q_\gamma + H_\gamma \subseteq Q_\gamma$.
Following the proof of that lemma, denoting by $T_\gamma$ the set of transitions
occurring along runs of $\Omega_\gamma$, we deduce that if $t = (p, a, q)$ is in $T_\gamma$, and $h$ in
$H_\gamma$ is an intraproduction, then the transition $t + h \stackrel{\text{def}}{=} (p + h, a, q + h)$ also
occurs in some run of $\Omega_\gamma$, i.e. $t + h \in T_\gamma$. It follows that, if $h$ in $H_\gamma$ is such
that $h(i) > 0$ for some index $i$, then $i$ cannot belong to $F_\gamma$, since $c + nh$ is
in $Q_\gamma$ for all $n$. This entails in particular that $h = \mathbf{0}$ if $F_\gamma = \{1, \ldots, d\}$.

A kind of converse property sometimes holds: we say that an
intraproduction $h$ in $H_\gamma$ saturates $F_\gamma$ if whenever $h(i) = 0$, then $i$ belongs to $F_\gamma$,
and therefore $F_\gamma = \{i \mid h(i) = 0\}$. Leroux [31, Lemma VIII.3] shows there
exist intraproductions $h$ in $H_\gamma$ that saturate $F_\gamma$.


Example 6.1 (continued). To continue with our example, the set of
intraproductions is $H_\gamma = \mathbb{N}y$. The only non-saturated intraproduction is $\mathbf{0}$, as any
$ny$ with $n > 0$ saturates $F_\gamma$. □


By similarly shifting every word $w = t_1 \cdots t_k$ of transitions in $T_\gamma^*$ to the
word $w + h \stackrel{\text{def}}{=} (t_1 + h) \cdots (t_k + h)$ where $h$ is an intraproduction that
saturates $F_\gamma$, we can show the following characterisation of ${\downarrow}\Omega_\gamma$:


Lemma 6.3. The following equality holds:

${\downarrow}\Omega_\gamma = {\downarrow}s_\gamma^{\mathrm{in}} \times ({\downarrow}E_\gamma)^* \times {\downarrow}s_\gamma^{\mathrm{out}}$ .

Proof. The inclusion $\subseteq$ is immediate. For the converse inclusion, let us
denote by $T_\gamma$ the set of transitions occurring along runs of $\Omega_\gamma$. Now, consider
any word $w = t_1 \cdots t_k$ of transitions in $T_\gamma^*$. There exists an intraproduction
$h$ that saturates $F_\gamma$ and a pair $(u_0, v_0)$ in $P$ that saturates $(F_\gamma^{\mathrm{in}}, F_\gamma^{\mathrm{out}})$. We
denote by $w + h$ the word $(t_1 + h) \cdots (t_k + h)$. Since $t_j + h$ is a transition
in $T_\gamma$, it occurs along some run $c + u_j \xrightarrow{\sigma_j} c + v_j$ of $\Omega_\gamma$. Moreover, as
$(u_0, v_0)$ is in $P$, there exists a run $c + u_0 \xrightarrow{\sigma_0} c + v_0$. Let $u \stackrel{\text{def}}{=} \sum_{j=0}^{k} u_j$,
$v \stackrel{\text{def}}{=} \sum_{j=0}^{k} v_j$, and $\sigma \stackrel{\text{def}}{=} \sigma_0 \cdots \sigma_k$. Because $P$ is periodic, it follows that
$(u, v)$ is a pair in $P$. Notice that $\rho \stackrel{\text{def}}{=} (c + u \xrightarrow{\sigma} c + v)$ is a run in $\Omega_\gamma$ and
$(c + u_0, w + h, c + v_0) \in {\downarrow}\rho$. Hence ${\downarrow}(s_\gamma^{\mathrm{in}}, \pi_\gamma(w), s_\gamma^{\mathrm{out}}) \subseteq {\downarrow}\Omega_\gamma$, proving the
converse inclusion. □


Leroux [31, Lemma VIII.11] shows that $S_\gamma$ is a set of incomparable
partial configurations. Therefore the partial transitions in $E_\gamma$ are incomparable.
The previous lemma then shows that $E_\gamma$ is the unique finite set of
incomparable elements in $\mathbb{N}_{F_\gamma}^d \times A \times \mathbb{N}_{F_\gamma}^d$ satisfying Lemma 6.3.


6.2.4. Pumpable Configurations. A partial configuration $x$ in $\mathbb{N}_F^d$ is said to
be forward pumpable by a witness graph $G = (S, E, s)$ if there exists a
cycle on $s$ labelled by a word $\sigma_+$, and a run using this label $x \xrightarrow{\sigma_+} x'$ with
$x \le x'$ such that ${\downarrow}s = \bigcup_n {\downarrow}x_n$, where $x_n$ is the configuration defined by
$x \xrightarrow{\sigma_+^n} x_n$ (such a configuration exists by monotonicity). Symmetrically, a
partial configuration $y$ in $\mathbb{N}_F^d$ is said to be backward pumpable by a witness
graph $G = (S, E, s)$ if there exists a cycle on $s$ labelled by a word $\sigma_-$,
and a run $y' \xrightarrow{\sigma_-} y$ with $y \le y'$ such that ${\downarrow}s = \bigcup_n {\downarrow}y_n$ where $y_n$ is the
configuration defined by $y_n \xrightarrow{\sigma_-^n} y$.

Saturated intraproductions also provide a way to prove that the graph
input $s_\gamma^{\mathrm{in}}$ and output $s_\gamma^{\mathrm{out}}$ are pumpable.


Lemma 6.4. The input $s_\gamma^{\mathrm{in}}$ is forward pumpable by $G_\gamma$, and the output $s_\gamma^{\mathrm{out}}$
is backward pumpable by $G_\gamma$.


Proof. Let $h$ be an intraproduction that saturates $F_\gamma$. There exists a run
$\rho \stackrel{\text{def}}{=} c + u_h \xrightarrow{\sigma_+} c + h \xrightarrow{\sigma_-} c + v_h$ in $\Omega_\gamma$. The projection $\pi_\gamma(\rho)$ shows
that $\sigma_+$, $\sigma_-$ are cycles on $s_\gamma$. Moreover, by projecting over $F_\gamma^{\mathrm{in}}$ the run
$c + u_h \xrightarrow{\sigma_+} c + h$, we see that $s_\gamma^{\mathrm{in}} \xrightarrow{\sigma_+} s_\gamma^{\mathrm{in}} + h$. Hence $s_\gamma^{\mathrm{in}}$ is forward pumpable
by $G_\gamma$. Symmetrically $s_\gamma^{\mathrm{out}}$ is backward pumpable by $G_\gamma$. □


7. Global Adherent Ideals 


Our understanding of the KLMST decomposition is that it builds an
ideal decomposition of ${\downarrow}\mathrm{Runs}_A(x, y)$ inside $\mathrm{PreRuns}_A$. We have seen in
Section 5.1 how to represent prerun ideals. However we should expect the
maximal ideals of ${\downarrow}\mathrm{Runs}_A(x, y)$ to have additional properties besides
adherence, and indeed we shall see they can be represented using the structures
employed in the KLMST decomposition.

The starting point for our characterisation of run ideals is to consider
some finite basis $B$ of $(\mathrm{Runs}_A(x, y), \trianglelefteq)$: if we consider the upward closure
${\uparrow}\rho \cap \mathrm{Runs}_A(x, y)$ of each run $\rho$ in $B$ inside $\mathrm{Runs}_A(x, y)$, we obtain again

$\mathrm{Runs}_A(x, y) = \bigcup_{\rho \in B} {\uparrow}\rho \cap \mathrm{Runs}_A(x, y)$ . (12)

Taking the downward-closure inside $\mathrm{PreRuns}_A$ then yields

${\downarrow}\mathrm{Runs}_A(x, y) = \bigcup_{\rho \in B} {\downarrow}({\uparrow}\rho \cap \mathrm{Runs}_A(x, y))$ , (13)

prompting the study of ${\downarrow}({\uparrow}\rho \cap \mathrm{Runs}_A(x, y))$.


7.1. Maximal Ideals. Observe that each set ${\downarrow}({\uparrow}\rho \cap \mathrm{Runs}_A(x, y))$ for a run
$\rho$ is downward-closed and non-empty, and that by [Proposition 54)] it is also
directed, and is therefore an ideal.

We can further see that those ideals are exactly the maximal ideals in the
canonical decomposition of ${\downarrow}\mathrm{Runs}_A(x, y)$.

Proposition 7.1. The maximal ideals from the canonical decomposition of
${\downarrow}\mathrm{Runs}_A(x, y)$ are exactly the sets ${\downarrow}({\uparrow}\rho \cap \mathrm{Runs}_A(x, y))$ for some runs $\rho$ in
$\mathrm{Runs}_A(x, y)$.

Proof. For any run $\rho$, because ${\downarrow}({\uparrow}\rho \cap \mathrm{Runs}_A(x, y))$ is an ideal, it is included
into some maximal ideal $I$. By Lemma 4.6, $I = {\downarrow}\Delta$ for some directed subset
$\Delta$ of $\mathrm{Runs}_A(x, y)$. Let us show that $I \subseteq {\downarrow}({\uparrow}\rho \cap \Delta)$, which will show that
$I \subseteq {\downarrow}({\uparrow}\rho \cap \mathrm{Runs}_A(x, y))$ and thereby the maximality of ${\downarrow}({\uparrow}\rho \cap \mathrm{Runs}_A(x, y))$.
Since $\rho$ is in $I$, there is a run $\rho_\Delta$ in $\Delta$ such that $\rho \trianglelefteq \rho_\Delta$. Then, for any prerun
$\rho_0$ in $I$, since $I$ is directed there exists $\rho_1$ in $I$ with $\rho_\Delta, \rho_0 \trianglelefteq \rho_1$. Finally, since
$I = {\downarrow}\Delta$, there exists $\rho_2$ in $\Delta$ such that $\rho_1 \trianglelefteq \rho_2$, i.e. $\rho_2 \in {\uparrow}\rho \cap \Delta$ as desired.

Conversely, if $I$ is a maximal ideal of ${\downarrow}\mathrm{Runs}_A(x, y)$, then by Lemma 4.6
it is adherent and thus equal to ${\downarrow}\Delta$ for some directed subset $\Delta$ of runs
in $\mathrm{Runs}_A(x, y)$. Pick some $\rho_0$ in $\Delta$; then $I \subseteq {\downarrow}({\uparrow}\rho_0 \cap \mathrm{Runs}_A(x, y))$, and
equality follows from the maximality of $I$. □

Note that the sets ${\downarrow}({\uparrow}\rho \cap \mathrm{Runs}_A(x, y))$ and ${\downarrow}({\uparrow}\rho' \cap \mathrm{Runs}_A(x, y))$ for $\rho \neq \rho'$
might coincide, even for minimal $\rho$ and $\rho'$, so there is no canonicity in terms
of those basic runs.

What we seek now is a more syntactic representation for such ideals,
which would not require to explicitly exhibit a run $\rho$.

7.2. Perfect Runs. Let us accordingly fix a run $\rho = c_0 \xrightarrow{a_1} c_1 \cdots c_{k-1} \xrightarrow{a_k} c_k$
with $x = c_0$ and $y = c_k$ throughout this subsection.


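7.2.1. Transformer Relations Along a Run. Consider the relation $R$ of
tuples $((u_0, v_0), \ldots, (u_k, v_k))$ of pairs in $\mathbb{N}^d \times \mathbb{N}^d$ such that:

$\mathbf{0} = u_0 \overset{c_0}{\curvearrowright} v_0 = u_1 \overset{c_1}{\curvearrowright} v_1 \cdots = u_k \overset{c_k}{\curvearrowright} v_k = \mathbf{0}$ (14)

and let us introduce the relation $P_j$ defined for $0 \le j \le k$ by:

$P_j \stackrel{\text{def}}{=} \{(u_j, v_j) \mid ((u_0, v_0), \ldots, (u_k, v_k)) \in R\}$ . (15)

Informally, each $P_j$ is the subset of $\overset{c_j}{\curvearrowright}$ that can be completed into some run
in ${\uparrow}\rho \cap \mathrm{Runs}_A(x, y)$. We can check that $R$ and each $P_j$ is a periodic relation
since each transformer relation is periodic.


7.2.2. Global Ideal Representation. Denoting by $\gamma_j$ the pair $(c_j, P_j)$, we
derive from Lemma 6.3 the following equality:

${\downarrow}\Omega_{\gamma_j} = {\downarrow}s_{\gamma_j}^{\mathrm{in}} \times ({\downarrow}E_{\gamma_j})^* \times {\downarrow}s_{\gamma_j}^{\mathrm{out}}$ (16)

Notice that $s_{\gamma_0}^{\mathrm{in}} = x$ and $s_{\gamma_k}^{\mathrm{out}} = y$. Moreover, the triple $e_j \stackrel{\text{def}}{=} (s_{\gamma_{j-1}}^{\mathrm{out}}, a_j, s_{\gamma_j}^{\mathrm{in}})$
is a partial transition for every $1 \le j \le k$.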
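Observe that ${\downarrow}({\uparrow}\rho \cap \mathrm{Runs}_A(x, y))$ is included in

${\downarrow}x \times ({\downarrow}E_{\gamma_0})^* \cdot A_1 \cdot ({\downarrow}E_{\gamma_1})^* \cdots A_k \cdot ({\downarrow}E_{\gamma_k})^* \times {\downarrow}y$ (17)

where $A_j$ is the atom ${\downarrow}e_j \cup \{\varepsilon\}$. The converse inclusion will be a consequence
of Lemma 7.3 and Lemma 7.5.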

In the upcoming subsection, we derive a condition satisfied by the following
sequence $\xi_\rho$ of interspersed marked witness graphs and actions, which
allows to represent the ideal © = 

$\xi_\rho \stackrel{\text{def}}{=} M_{\gamma_0}, a_1, M_{\gamma_1}, \ldots, a_k, M_{\gamma_k}$ . (18)

7.3. Perfect Marked Witness Graph Sequences. A marked witness
graph sequence $\xi$ is a sequence

$\xi = M_0, a_1, M_1, \ldots, a_k, M_k$ , (19)

where $M_0, \ldots, M_k$ are marked witness graphs and $a_1, \ldots, a_k$ are actions
in $A$. In the sequel, $M_j$ denotes the marked witness graph $(s_j^{\mathrm{in}}, G_j, s_j^{\mathrm{out}})$
where $G_j$ is the witness graph $(S_j, E_j, s_j)$. The sets $F_j^{\mathrm{in}}, F_j, F_j^{\mathrm{out}}$ denote the
finite coordinates of $s_j^{\mathrm{in}}, s_j, s_j^{\mathrm{out}}$. The two partial configurations $s_0^{\mathrm{in}}$ and $s_k^{\mathrm{out}}$
are assumed to be respectively $x$ and $y$. Such sequences $\xi$ are also called
marked graph-transition sequences in [26], and are the structures maintained
throughout the KLMST decomposition algorithm.


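7.3.1. Ideals and Runs. A marked witness graph sequence $\xi$ defines a prerun
ideal

$I_\xi \stackrel{\text{def}}{=} {\downarrow}x \times ({\downarrow}E_0)^* \cdot A_1 \cdot ({\downarrow}E_1)^* \cdots A_k \cdot ({\downarrow}E_k)^* \times {\downarrow}y$ (20)

where $A_j \stackrel{\text{def}}{=} {\downarrow}(s_{j-1}^{\mathrm{out}}, a_j, s_j^{\mathrm{in}}) \cup \{\varepsilon\}$ for all $1 \le j \le k$. It is also associated with
a set of runs $\Omega_\xi$ of the form

$x_0 \xrightarrow{\sigma_0} y_0 \xrightarrow{a_1} x_1 \xrightarrow{\sigma_1} y_1 \cdots \xrightarrow{a_k} x_k \xrightarrow{\sigma_k} y_k$ (21)

where each $x_j \xrightarrow{\sigma_j} y_j$ is a run in $\Omega_{M_j}$. Note that $\Omega_\xi \subseteq I_\xi$.

We show next in Lemma 7.3 that for marked witness graph sequences
$\xi$ which satisfy the perfectness condition of Lambert [26]—which is mostly
equivalent to Kosaraju's $\theta$ condition—, the prerun ideal $I_\xi$ associated with
$\xi$ is adherent. This condition is not arbitrary, but stems from the properties
of the sequences $\xi_\rho$ we derived in sections 6 and 7.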


7.3.2. Perfectness Condition. Perfectness is defined by introducing a linear
system over the natural numbers that denotes a set $L_\xi$ of solutions. This
linear system relies on a binary relation $\overset{\psi}{\dashrightarrow}$ over configurations in $\mathbb{N}^d$, where
$\psi\colon E \to \mathbb{N}$ denotes some function defined on a finite set $E$ of partial
transitions. The relation is defined by $x \overset{\psi}{\dashrightarrow} y$ if $y = x + \sum_{e \in E} \psi(e)\Delta(e)$, where
$\Delta(e) \stackrel{\text{def}}{=} a$ for a partial transition $e$ labelled by $a$.

Let $L_\xi$ be the set of tuples $(x_0, \psi_0, y_0, \ldots, x_k, \psi_k, y_k)$ where $\psi_j\colon E_j \to \mathbb{N}$
is a function satisfying for every $s \in S_j$:

$\sum_{e \in E_j \mid \mathrm{tgt}(e) = s} \psi_j(e) = \sum_{e \in E_j \mid \mathrm{src}(e) = s} \psi_j(e)$

and $x_0, y_0, \ldots, x_k, y_k$ are configurations in $\mathbb{N}^d$ such that

$x_0 \overset{\psi_0}{\dashrightarrow} y_0 \xrightarrow{a_1} x_1 \overset{\psi_1}{\dashrightarrow} y_1 \cdots x_k \overset{\psi_k}{\dashrightarrow} y_k$

and such that for every $0 \le j \le k$

$\pi_{F_j^{\mathrm{in}}}(x_j) = s_j^{\mathrm{in}} \;\wedge\; \pi_{F_j^{\mathrm{out}}}(y_j) = s_j^{\mathrm{out}}$ .

Notice that $L_\xi$ is defined as solutions of a linear system. Moreover, for every
run in $\Omega_\xi$ of the form (21), by introducing the Parikh image $\psi_j\colon E_j \to \mathbb{N}$ of
the cycle on $s_j$ labelled by $\sigma_j$, we get a sequence $((x_0, \psi_0, y_0), \ldots, (x_k, \psi_k, y_k))$
in $L_\xi$.


Definition 7.2. A marked witness graph sequence is said to be perfect if it
satisfies the following conditions for all $j$:

• $s_j^{\mathrm{in}}$ and $s_j^{\mathrm{out}}$ are respectively forward and backward pumpable by $G_j$,

• $\sup X_j = s_j^{\mathrm{in}}$ and $\sup Y_j = s_j^{\mathrm{out}}$,

• $\sup \Psi_j(e) = \omega$ for every $e \in E_j$, and

where $X_j$, $\Psi_j$, and $Y_j$ are resp. the sets of elements $x_j$, $\psi_j$, and $y_j$
satisfying:

$((x_0, \psi_0, y_0), \ldots, (x_k, \psi_k, y_k)) \in L_\xi$ .


Perfect witness graph sequences denote adherent ideals:


Lemma 7.3. If $\xi$ is a perfect marked witness graph sequence, then $I_\xi$ is in
the adherence of $\mathrm{Runs}_A(x, y)$ and $I_\xi = {\downarrow}\Omega_\xi$.


Proof. The proof comes from [26, Lemma 4.1] and shows that a directed
family of runs of the following form can always be extracted from a perfect
marked witness graph sequence:

$x_{0,n} \xrightarrow{\sigma_{+,0}^n \sigma_0^n w_0 \sigma_{-,0}^n} y_{0,n} \xrightarrow{a_1} x_{1,n} \cdots x_{k,n} \xrightarrow{\sigma_{+,k}^n \sigma_k^n w_k \sigma_{-,k}^n} y_{k,n}$

such that each run family $x_{j,n} \xrightarrow{\sigma_{+,j}^n \sigma_j^n w_j \sigma_{-,j}^n} y_{j,n}$ is directed with as
downward-closure. Intuitively, $\sigma_{+,j}$ pumps up the components in $F_j^{\mathrm{in}} \setminus F_j$,
$\sigma_{-,j}$ pumps down those in $F_j^{\mathrm{out}} \setminus F_j$, and $\sigma_j$ is the label of a cycle on $s_j$
such that every transition in $E_j$ occurs at least once along the cycle. The
sequence $w_j$ comes from a solution of the linear system $L_\xi$. □


7.3.3. Deciding Perfectness. We can decide if a marked witness graph
sequence is perfect as follows. First of all, observe that checking if a partial
configuration $x \in \mathbb{N}_F^d$ is pumpable (either backward or forward) by a witness
graph $G = (S, E, s)$ can be performed in exponential space since this
problem reduces to the place boundedness problem for vector addition
systems PUS]. Moreover, since we can compute the unbounded components
of the set of solutions of a linear system on $\mathbb{N}$ in nondeterministic
polynomial time, we can effectively do this computation on sets $L_\xi$ of solutions for
marked witness graph sequences $\xi$. Hence:

Lemma 7.4. The perfectness of a marked witness graph sequence is
decidable in exponential space.
7.4. Run Ideals. We have seen that the downward closed set ${\downarrow}\mathrm{Runs}_A(x, y)$
can be decomposed as a finite union of ideals $I_{\xi_\rho}$ where $\xi_\rho$ is the marked
witness graph sequence associated to $\rho$. By the following lemma, this implies
that ${\downarrow}\mathrm{Runs}_A(x, y)$ can be represented using a finite set of perfect marked
witness graph sequences.


Lemma 7.5. The marked witness graph sequence $\xi_\rho$ is perfect for every
run $\rho$.


Proof. By Lemma 6.4, for all $j$, $s_{\gamma_j}^{\mathrm{in}}$ and $s_{\gamma_j}^{\mathrm{out}}$ are resp. forward and backward
pumpable by $G_{\gamma_j}$.

Regarding the conditions on $L_{\xi_\rho}$, for every tuple $((u_0, v_0), \ldots, (u_k, v_k))$
in $R$, every sequence family $(\sigma_j)_{0 \le j \le k}$ in $A^*$ such that $\rho_j \stackrel{\text{def}}{=} (c_j + u_j \xrightarrow{\sigma_j} c_j + v_j)$,
and every $n \in \mathbb{N}$, we observe that

$((c_0 + nu_0, n\psi_0, c_0 + nv_0), \ldots, (c_k + nu_k, n\psi_k, c_k + nv_k))$

is in $L_{\xi_\rho}$ where $\psi_j\colon E_j \to \mathbb{N}$ is the Parikh image of the cycle $\pi_{\gamma_j}(\rho_j)$ on $s_j$ in
$G_j$. In particular, if = $\omega$ for some $i \in F_j^{\mathrm{in}}$ and some $0 \le j \le k$, then
there exists $(u_j, v_j) \in P_j$ such that $u_j(i) > 0$. By completing this pair as
a tuple $((u_0, v_0), \ldots, (u_k, v_k))$ in $R$, we deduce that $\sup X_j(i) = \omega$. Thus
$\sup X_j = s_j^{\mathrm{in}}$, and we get similarly $\sup Y_j = s_j^{\mathrm{out}}$ and $\sup \Psi_j(e) = \omega$ for
every $e \in E_j$. Thus $\xi_\rho$ is perfect. □

Theorem 7.6. For any perfect marked witness graph sequence $\xi$,
$I_\xi \subseteq {\downarrow}\mathrm{Runs}_A(x, y)$. Moreover, there exists a finite set $\Xi$ of perfect marked
witness graph sequences such that

${\downarrow}\mathrm{Runs}_A(x, y) = \bigcup_{\xi \in \Xi} I_\xi$ .


8. The Decomposition Algorithm 


We explain succinctly in this section how the classical KLMST
algorithm of Mayr, Kosaraju, and Lambert computes the decomposition of
${\downarrow}\mathrm{Runs}_A(x, y)$ into ideals. By Theorem 7.6 these ideals can be presented
as finite families of perfect marked witness graph sequences.

The KLMST algorithm operates along the same general lines as the
abstraction refinement procedure of Section 5.2. It refines successively a finite
family $\Xi_n$ of marked witness graph sequences from $x$ to $y$ while maintaining
as an invariant

$\mathrm{Runs}_A(x, y) = \bigcup_{\xi \in \Xi_n} \Omega_\xi$ (23)

for all $n$. Because $\Omega_\xi \subseteq I_\xi$ for all $\xi$, this implies

${\downarrow}\mathrm{Runs}_A(x, y) \subseteq D_n \stackrel{\text{def}}{=} \bigcup_{\xi \in \Xi_n} I_\xi$ (24)

as in the abstraction refinement procedure.

If every marked witness graph sequence in $\Xi_n$ is perfect (which is decidable
by Lemma 7.4), the algorithm stops since by Lemma 7.3

${\downarrow}\mathrm{Runs}_A(x, y) = \bigcup_{\xi \in \Xi_n} I_\xi$ . (25)
Otherwise, the family $\Xi_n$ is decomposed into a new family $\Xi_{n+1}$ as follows:
we pick a marked witness graph sequence $\xi \in \Xi_n$ that is not perfect. The
imperfectness of $\xi$ provides a way of computing a new finite family $\mathrm{dec}(\xi)$
of marked witness graph sequences from $x$ to $y$ (see Section 8.2) with

$\Omega_\xi = \bigcup_{\xi' \in \mathrm{dec}(\xi)} \Omega_{\xi'}$ . (26)

The family $\Xi_{n+1}$ is then defined as

$\Xi_{n+1} \stackrel{\text{def}}{=} (\Xi_n \setminus \{\xi\}) \cup \mathrm{dec}(\xi)$ . (27)

Termination is ensured through a ranking function relating $\xi$ with each
sequence in $\mathrm{dec}(\xi)$, see Section 8.3. The KLMST algorithm shows:


Theorem 8.1 (Decomposition Theorem). The ideal decomposition of ${\downarrow}\mathrm{Runs}_A(x, y)$
inside $\mathrm{PreRuns}_A$ is effectively computable.


Because ${\downarrow}\mathrm{Runs}_A(x, y) = \emptyset$ if and only if $\mathrm{Runs}_A(x, y) = \emptyset$, this yields:

Theorem 8.2 (Mayr [33], Kosaraju [23], Lambert [26]). VAS reachability
is decidable.


8.1. Initial Family. The KLMST algorithm starts with an initial family
$\Xi_0$ containing a single marked witness graph sequence $\xi_0$, itself reduced
to a single marked witness graph $M = (x, G, y)$ where $G = (S, E, s)$ is
defined by $s = (\omega, \ldots, \omega)$, $S = \{s\}$, and $E = S \times A \times S$. Note that
$\Omega_{\xi_0} = \mathrm{Runs}_A(x, y)$ and

${\downarrow}\mathrm{Runs}_A(x, y) \subseteq D_0 = {\downarrow}x \times (\mathbb{N}^d \times A \times \mathbb{N}^d)^* \times {\downarrow}y$ . (28)


8.2. Decomposition. Let us fix a marked witness graph sequence $\xi$ that
is not perfect, and let us recall how the finite family $\mathrm{dec}(\xi)$ is obtained in
the KLMST algorithm. We assume that

$\xi = M_0, a_1, M_1, \ldots, a_k, M_k$ ,

where $M_0, \ldots, M_k$ are marked witness graphs, and $a_1, \ldots, a_k$ are actions in
$A$. In the sequel, $M_j$ denotes the marked witness graph $(s_j^{\mathrm{in}}, G_j, s_j^{\mathrm{out}})$ and
$G_j$ is the witness graph $(S_j, E_j, s_j)$. We let $F_j^{\mathrm{in}}$, $F_j$, $F_j^{\mathrm{out}}$ be respectively
the finite components of $s_j^{\mathrm{in}}$, $s_j$ and $s_j^{\mathrm{out}}$.


Remark 8.3. The main difference between the KLMST algorithm and the
abstraction refinement procedure from Section 5.2 lies in the decomposition
step. Because some of the ideals $I_\xi$ denoted by the various sequences $\xi$ in
$\Xi_n$ might be comparable, a decomposition step (27) might leave $D_n = D_{n+1}$
unchanged. This explains why we cannot use Fact 3.3 to prove termination
but rely instead on a ranking function in Section 8.3. It would be interesting
to provide a variant of the KLMST decomposition algorithm that follows
more closely the abstraction refinement procedure. □
8.2.1. Unpumpable Case. If $s_j^{\mathrm{in}}$ is not forward pumpable by $G_j$, the
algorithm of Karp and Miller [23] provides an effective way of computing an
index $i \notin F_j$ and a constant $c$ such that configurations occurring in any run
$\rho$ in $\Omega_{M_j}$ are bounded by $c$ on component $i$. The same property holds if
symmetrically $s_j^{\mathrm{out}}$ is not backward pumpable by $G_j$.

In such cases the graph $G_j$ can be synchronised with a finite state
automaton $\mathcal{A}$ with states in $S = \{0, \ldots, c\}$ and transitions of form $(n, a, m) \in
S \times A \times S$ satisfying $m = a(i) + n$. This synchronisation might produce a
graph that is no longer strongly connected, but it can be decomposed into
strongly connected components. This way we obtain a finite family $\mathrm{dec}(\xi)$
of marked witness graph sequences where the graph $G_j$ in $\xi$ is replaced by
sequences of subgraphs of $G_j \times \mathcal{A}$ where the finite components $F_j$ of $G_j$ are
replaced by a larger set $F_j \cup \{i\}$.


8.2.2. Input/Output Bounded Solutions. Now, let us assume that $\xi$ is not
perfect due to the conditions on the set of solutions $L_\xi$. Following the
notations introduced in Definition 7.2, recall that we can check in
nondeterministic polynomial time whether $\sup X_j(i) < \omega$ for a component $i$ such
that $s_j^{\mathrm{in}}(i) = \omega$. If it is not the case, we obtain a component $i \notin F_j^{\mathrm{in}}$ such
that $\sup X_j(i) = c$ is finite. Such a bound is computable in deterministic
polynomial time. Now, just observe that component $i$ of $s_j^{\mathrm{in}}$ can be replaced
by all the possible values up to $c$. We obtain in this way a finite family
$\mathrm{dec}(\xi)$ where the set $F_j^{\mathrm{in}}$ is replaced by $F_j^{\mathrm{in}} \cup \{i\}$. The same construction
can be applied symmetrically when $\sup Y_j$ does not match $s_j^{\mathrm{out}}$.


8.2.3. Edge Bounded Solutions. Finally, assume that $\{\psi_j(e) \mid \psi_j \in \Psi_j\}$ is
bounded. Once again, we can effectively compute in deterministic
polynomial time an upper bound $c$ of this set. Notice that in this case, every run
$\rho_j \in \Omega_{M_j}$ labelled by a word $\sigma$ provides a cycle on $s_j$ in $G_j$ in such a way
that $e$ occurs at most $c$ times. By removing from $G_j$ the edge $e$ we obtain
a graph that may not be strongly connected any more. However, by
computing strongly connected components, we obtain in this way a finite family
$\mathrm{dec}(\xi)$ such that the graph $G_j$ has been replaced by sequences of up to $c$
graphs, each with a set of edges included in $E_j \setminus \{e\}$.


8.3. Ranking Function. We present the usual termination argument for
the KLMST algorithm by explicitly giving a ranking function $r$ from marked
witness graph sequences into an ordinal, such that $r(\xi) > r(\xi')$ for all $\xi'$ in
$\mathrm{dec}(\xi)$.

8.3.1. Ordinals. Rather than the usual multiset ordering over triples in $\mathbb{N}^3$
ordered lexicographically used in the KLMST algorithm, we use an
equivalent formulation using ordinals. Recall that an ordinal $\alpha < \varepsilon_0$ can be
written in Cantor normal form (CNF) as $\alpha = \omega^{\alpha_1} + \cdots + \omega^{\alpha_n}$ where
$\alpha > \alpha_1 \ge \cdots \ge \alpha_n$, or equivalently as $\alpha = \omega^{\alpha_1} \cdot c_1 + \cdots + \omega^{\alpha_n} \cdot c_n$ with
$\alpha > \alpha_1 > \cdots > \alpha_n$ and finite $c_j$'s.

One can compare two ordinals $\alpha = \omega^{\alpha_1} + \cdots + \omega^{\alpha_n}$ and $\beta = \omega^{\beta_1} + \cdots + \omega^{\beta_m}$
using their CNFs: $\alpha < \beta$ if and only if there exists $k \le m$ such that $\alpha_j = \beta_j$
for all $1 \le j < k$ with $j \le n$, and $n < k$ or $\alpha_k < \beta_k$.

The natural sum of two ordinals $\alpha = \omega^{\alpha_1} + \cdots + \omega^{\alpha_n}$ and $\beta = \omega^{\beta_1} + \cdots + \omega^{\beta_m}$
is defined as $\alpha \oplus \beta \stackrel{\text{def}}{=} \omega^{\gamma_1} + \cdots + \omega^{\gamma_{n+m}}$ such that $\gamma_1 \ge \cdots \ge \gamma_{n+m}$ is a
reordering of the $\alpha_i$'s and $\beta_j$'s.

8.3.2. Rank of a Marked Witness Graph. We associate with a marked
witness graph $M = (s^{\mathrm{in}}, G, s^{\mathrm{out}})$ an ordinal $\beta_M$ in $\omega^3$ defined as

$\beta_M \stackrel{\text{def}}{=} \omega^2 \cdot (d - |F|) + \omega \cdot |E| + (2d - |F^{\mathrm{in}}| - |F^{\mathrm{out}}|)$ (29)

where $G = (S, E, s)$, and $F^{\mathrm{in}}$, $F$, $F^{\mathrm{out}}$ are respectively the defined
components of $s^{\mathrm{in}}$, $s$, $s^{\mathrm{out}}$. Note that this is equivalent to a lexicographic ordering
over triples in $\mathbb{N}^3$.

8.3.3. Rank of a Sequence. We associate with a marked witness graph
sequence $\xi = M_0, a_1, M_1, \ldots, a_k, M_k$ the ordinal $r(\xi)$ in $\omega^{\omega^3}$ defined by

$r(\xi) \stackrel{\text{def}}{=} \bigoplus_{0 \le j \le k} \omega^{\beta_{M_j}}$ . (30)

Note that this is equivalent to a multiset ordering over the $\beta_{M_j}$.

8.3.4. Termination Argument. By seeing the KLMST algorithm as
constructing a tree with $\xi$ labelling the parent node of $\xi'$ if $\xi$ is imperfect and
$\xi' \in \mathrm{dec}(\xi)$, this ranking function shows that the tree has finite height. Since
the families $\Xi_0$ and $\mathrm{dec}(\xi)$ are finite, this tree is also of finite degree, and is
therefore finite by Kőnig's Lemma.
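
The ranking function of (29) and (30) can be checked on the three decomposition cases of Section 8.2. The following Python code is an added illustration, not code from the paper: a marked witness graph is reduced to the five sizes that enter (29), $r(\xi)$ is kept as the list of its CNF exponents, and the comparison of Section 8.3.1 is implemented literally. The `Marked` record, the function names and all sample sizes are constructed for this example.

```python
from collections import namedtuple

# Only the sizes that enter (29) are kept for a marked witness graph:
# the dimension d, |F|, |E|, |F_in| and |F_out| (constructed abstraction).
Marked = namedtuple("Marked", "d f e f_in f_out")


def beta(m):
    """beta_M of (29), as the coefficients of w^2, w and 1 (a triple in N^3)."""
    return (m.d - m.f, m.e, 2 * m.d - m.f_in - m.f_out)


def natural_sum(alpha, gamma):
    """Natural sum of two CNFs given as non-increasing lists of exponents."""
    return sorted(alpha + gamma, reverse=True)


def rank(xi):
    """r(xi) of (30): the exponents beta_{M_j}, in non-increasing order."""
    r = []
    for m in xi:
        r = natural_sum(r, [beta(m)])
    return r


def cnf_less(alpha, gamma):
    """alpha < gamma, following the comparison stated in Section 8.3.1."""
    n, m = len(alpha), len(gamma)
    for k in range(1, m + 1):
        prefix_equal = all(alpha[j - 1] == gamma[j - 1]
                           for j in range(1, k) if j <= n)
        if prefix_equal and (n < k or alpha[k - 1] < gamma[k - 1]):
            return True
    return False


def strictly_decreases(xi, family):
    """True if r(xi) > r(xi') for every xi' in the family dec(xi)."""
    return all(cnf_less(rank(x), rank(xi)) for x in family)


D = 3
# Initial sequence of Section 8.1 for a VAS with |A| = 2: F is empty,
# E = S x A x S has |A| edges, and x, y are fully defined.
INITIAL = [Marked(D, 0, 2, D, D)]
# 8.2.1: one more bounded component; the graph becomes three components,
# some with more edges than before.
UNPUMPABLE = [[Marked(D, 1, 5, D, 1), Marked(D, 1, 4, 1, 1), Marked(D, 1, 7, 1, D)]]

XI = [Marked(D, 1, 4, 1, 2), Marked(D, 1, 6, 2, D)]
# 8.2.2: one more defined input component in M_0, one sequence per value <= c.
IO_BOUNDED = [[Marked(D, 1, 4, 2, 2), XI[1]] for _ in range(4)]
# 8.2.3: M_1 replaced by several graphs, each with fewer edges.
EDGE_BOUNDED = [[XI[0], Marked(D, 1, 5, 2, 1), Marked(D, 1, 5, 1, 1),
                 Marked(D, 1, 3, 1, D)]]
```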


9. Fast-Growing Upper Bounds 


We establish in this section an $\mathbf{F}_{\omega^3}$ upper bound on the complexity of the
KLMST decomposition algorithm, which yields the first upper bound on the
complexity of VAS reachability. Without loss of generality, we can assume
that the actions in $A$ are in $\{-1, 0, 1\}^d$.


9.1. Subrecursive Hierarchies. As noted early on e.g. by Müller [35], the
complexity of the decomposition algorithm of Mayr, Kosaraju, and Lambert
is not primitive-recursive. As a consequence, we have to employ some lesser
known complexity classes in order to express upper bounds on the running
time and space of this algorithm.


9.1.1. The Hardy Hierarchy. A convenient tool to this end is found in the
Hardy hierarchy of functions. Given some monotone expansive function
$h\colon \mathbb{N} \to \mathbb{N}$, this is an ordinal-indexed hierarchy of functions $(h^\alpha\colon \mathbb{N} \to \mathbb{N})_\alpha$
defined by transfinite induction by

$h^0(x) \stackrel{\text{def}}{=} x$ , $h^{\alpha+1}(x) \stackrel{\text{def}}{=} h^\alpha(h(x))$ , $h^\lambda(x) \stackrel{\text{def}}{=} h^{\lambda(x)}(x)$ ,

where $\lambda$ denotes a limit ordinal and $\lambda(x)$ the $x$th element of its fundamental
sequence. The latter is usually defined for limit ordinals below $\varepsilon_0$ by

$(\gamma + \omega^{\beta+1})(x) \stackrel{\text{def}}{=} \gamma + \omega^\beta \cdot (x + 1)$ ,

$(\gamma + \omega^\lambda)(x) \stackrel{\text{def}}{=} \gamma +$ .

Observe that $h^k$ for some finite $k$ is the $k$th iterate of $h$. At index $\omega$,
$\omega(x) = x + 1$ and thus $h^\omega(x) = h^{x+1}(x)$; more generally, $h^\alpha$ is a transfinite
iteration of the function $h$, using a kind of diagonalisation to handle limit
ordinals.

Example 9.1. For instance, starting with the successor function $H(x) \stackrel{\text{def}}{=}
x + 1$, we see that $H^\omega(x) = H^x(x + 1) = 2x + 1$. The next limit ordinal
occurs at $H^{\omega \cdot 2}(x) = H^{\omega + x}(x + 1) = H^\omega(2x + 1) = 4x + 3$. Fast-forwarding a
bit, we get for instance a function of exponential growth $H^{\omega^2}(x) = 2^{x+1}(x +
1) - 1$, and later a non-elementary function $H^{\omega^3}$, an “Ackermannian” non
primitive-recursive function $H^{\omega^\omega}$, and a “hyper-Ackermannian” non
multiply recursive-function $H^{\omega^{\omega^\omega}}$. □

9.1.2. Complexity Classes. Although we could derive upper bounds in terms
of Hardy functions, it is more convenient to work with coarser-grained
complexity classes. For $\alpha > 2$, we define respectively the fast-growing function
classes $(\mathscr{F}_{<\alpha})_\alpha$ of Löb and Wainer [33] and the associated fast-growing
complexity classes $(\mathbf{F}_\alpha)_\alpha$ of M by

$\mathscr{F}_{<\alpha} \stackrel{\text{def}}{=} \bigcup_{\beta < \omega^\alpha} \mathrm{FSpace}(H^\beta(n))$ , (31)

$\mathbf{F}_{h,\alpha} \stackrel{\text{def}}{=} \bigcup_{p \in \mathscr{F}_{<\alpha}} \mathrm{Space}(h^{\omega^\alpha}(p(n)))$ , $\mathbf{F}_\alpha \stackrel{\text{def}}{=} \mathbf{F}_{H,\alpha}$ , (32)

where $\mathrm{FSpace}(s(n))$ (resp. $\mathrm{Space}(s(n))$) denotes the set of functions
computable (resp. problems decidable) in space $O(s(n))$ and $H$ is the successor
function $H(x) \stackrel{\text{def}}{=} x + 1$. This defines for instance $\mathscr{F}_{<\omega}$ as the set of
primitive-recursive functions, and $\mathbf{F}_\omega$ as the class of problems that can be solved in
Ackermann time of some primitive-recursive function of their input size.
Here $\mathbf{F}_{\omega^3}$ is not primitive-recursive, but among the lowest multiply-recursive
classes.

9.2. Length Function Theorems. Given some wqo $(X, \le)$, let us posit a
norm $|\cdot|_X\colon X \to \mathbb{N}$ over $X$ such that $X_{\le n} \stackrel{\text{def}}{=} \{x \in X \mid |x|_X \le n\}$ is finite for
every $n$. Given a control function $g\colon \mathbb{N} \to \mathbb{N}$ which is monotone expansive
and some initial norm $n \in \mathbb{N}$, we say that a sequence $x_0, x_1, \ldots$ over $X$ is
$(g, n)$-controlled if for all $i$, $|x_i|_X \le g^i(n)$ the $i$th iterate of $g$. Then there
exist maximal $(g, n)$-controlled bad sequences over $(X, \le)$, and we write
$L_{g,X}(n)$ for their length.

Length function theorems provide upper bounds on this maximal length
$L_{g,X}(n)$. The upper bounds we use from [42, 40] are expressed in terms of
another hierarchy of functions called the Cichoń hierarchy $(h_\alpha\colon \mathbb{N} \to \mathbb{N})_\alpha$.
The relation with the Hardy hierarchy is that, if a controlled sequence is of
length bounded by some $h_\alpha(x)$ from the Cichoń hierarchy, then the norm of
all its elements is bounded by

$h^{h_\alpha(x)}(x) = h^\alpha(x)$ (33)

in the Hardy hierarchy.
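
The Hardy hierarchy of Section 9.1.1 and relation (33) can be evaluated directly for small ordinals. The following Python code is an added illustration, not code from the paper: it is restricted to ordinals below $\omega^\omega$, encoded as coefficient tuples (an assumption of this example), so that only the fundamental sequence $(\gamma + \omega^{\beta+1})(x) = \gamma + \omega^\beta \cdot (x + 1)$ is needed, and it uses the Cichoń hierarchy in the form $h_0(x) = 0$, $h_{\alpha+1}(x) = 1 + h_\alpha(h(x))$, $h_\lambda(x) = h_{\lambda(x)}(x)$ recalled in the proof of Fact 9.2.

```python
def descend(alpha, x):
    """One unfolding step for an ordinal 0 < alpha < w^w.

    alpha = (c_0, c_1, ..., c_k) stands for w^k*c_k + ... + w*c_1 + c_0.
    Returns (beta, True) when alpha = beta + 1, and (alpha(x), False) when
    alpha is a limit, using (gamma + w^(b+1))(x) = gamma + w^b * (x + 1).
    """
    a = list(alpha)
    if a[0] > 0:
        a[0] -= 1
        return tuple(a), True
    k = next(i for i, c in enumerate(a) if c > 0)   # smallest exponent present
    a[k] -= 1
    a[k - 1] = x + 1
    return tuple(a), False


def hardy(alpha, x, h):
    """h^alpha(x): h^0(x) = x, h^(a+1)(x) = h^a(h(x)), h^l(x) = h^(l(x))(x)."""
    while any(alpha):
        alpha, successor = descend(alpha, x)
        if successor:
            x = h(x)
    return x


def cichon(alpha, x, h):
    """h_alpha(x): h_0(x) = 0, h_(a+1)(x) = 1 + h_a(h(x)), h_l(x) = h_(l(x))(x)."""
    length = 0
    while any(alpha):
        alpha, successor = descend(alpha, x)
        if successor:
            length, x = length + 1, h(x)
    return length


def iterate(h, times, x):
    """The finite iterate h^times(x)."""
    for _ in range(times):
        x = h(x)
    return x


def successor(x):
    """The function H of Example 9.1."""
    return x + 1


OMEGA = (0, 1)             # w
OMEGA_TIMES_2 = (0, 2)     # w * 2
OMEGA_SQUARED = (0, 0, 1)  # w^2
OMEGA_CUBED = (0, 0, 0, 1) # w^3
```

Evaluation proceeds one successor step at a time, so `hardy(OMEGA_CUBED, x, successor)` is only practical for `x = 1`; already at `x = 2` the value is of the order of $2^{24}$ successive doublings.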

For instance, upper bounds for $(\mathbb{N}^d \times Q, \le)$ for some finite set $Q$, along
with the product ordering, can be found in [42, Theorem 2.34], where the
norm of a pair $(x, q)$ from $\mathbb{N}^d \times Q$ is $\max_{1 \le i \le d} x(i)$:
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Fact 9.2 ([32])- Let H{x) = x + 1 and n,d > 0. Then L H ^d x q(7i) < 
^■|Q|d(^) < d +1 (IQIdn). 

Proof. Let us first recall the definition of the Cichoń hierarchy of functions
for indices $\alpha < \varepsilon_0$ [7]:

$h_0(x) \stackrel{\text{def}}{=} 0$, $h_{\alpha+1}(x) = 1 + h_\alpha(h(x))$, $h_\lambda(x) = h_{\lambda(x)}(x)$.

Consider any control function $g$, dimension $d$, finite set $Q$, and initial
norm $n$. By computing the maximal order type $\omega^d \cdot |Q|$ of $\mathbb{N}^d \times Q$, and
when provided with a function $h$ with $h(dx - d + 1) \geq dg(x) - d + 1$, we can
combine Corollary 2.24 and Theorem 2.34 from [42] to show that

$L_{g,\mathbb{N}^d \times Q}(n) \leq h_{\omega^d \cdot |Q|}(dn - d + 1)$.

Since we are dealing with VAS actions in $\{-1, 0, 1\}^d$, our control function
$g$ is $H(x) \stackrel{\text{def}}{=} x + 1$, and we can choose
$h(x) \stackrel{\text{def}}{=} x + d = H^d(x)$. The statement
then follows from the fact that, for such a function $h$ and assuming $d > 0$,

$h_\alpha(x) \leq H^{\alpha \cdot d}(x)$

for all $\alpha < \varepsilon_0$ and $x$, which can be checked by (a somewhat technical)
transfinite induction over $\alpha$. □
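
The two hierarchies used in this proof can be unfolded mechanically on small ordinals. The following Python sketch is an added example, not code from the paper: the tuple encoding of ordinals, the Hardy clause $h^{\alpha+1}(x) = h^\alpha(h(x))$ and the fundamental-sequence convention $(\gamma + \omega^{\beta+1})(x) = \gamma + \omega^\beta \cdot (x+1)$ are assumptions, and it checks (33) and $h_\alpha(x) \leq H^{\alpha \cdot d}(x)$ on small instances.

```python
# Ordinals below epsilon_0 in Cantor normal form, encoded (assumed encoding)
# as a tuple of exponents in non-increasing order:
# () is 0, ((),) is 1, (((),),) is omega.
ZERO = ()
ONE = (ZERO,)
OMEGA = (ONE,)

def omega_pow(e, c=1):
    """omega^e * c for an exponent e and a finite coefficient c."""
    return (e,) * c

def fund(a, x):
    """x-th element of the fundamental sequence of a limit ordinal a
    (assumed convention, see the lead-in)."""
    *gamma, e = a
    if e[-1] == ZERO:   # gamma + omega^(b+1)  ->  gamma + omega^b * (x+1)
        return tuple(gamma) + omega_pow(e[:-1], x + 1)
    return tuple(gamma) + (fund(e, x),)   # gamma + omega^(lambda(x))

def descend(h, a, x):
    """Unfold a down to 0; return (number of successor steps, final argument)."""
    steps = 0
    while a != ZERO:
        if a[-1] == ZERO:   # successor ordinal: peel one +1 and apply h
            a, x, steps = a[:-1], h(x), steps + 1
        else:               # limit ordinal: move along its fundamental sequence
            a = fund(a, x)
    return steps, x

def cichon(h, a, x):
    """h_a(x): the number of applications of h performed while unfolding a."""
    return descend(h, a, x)[0]

def hardy(h, a, x):
    """h^a(x): the value reached after those applications."""
    return descend(h, a, x)[1]

def times(a, d):
    """a * d for a finite d > 0: multiplies the leading coefficient by d."""
    if a == ZERO:
        return a
    lead = sum(1 for e in a if e == a[0])
    return (a[0],) * (lead * (d - 1)) + a
```
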


Another example from m Theorem 3.3] is a length function theorem for
ordinals below $\varepsilon_0$, where the norm $N(\alpha)$ of an ordinal
$\alpha = \omega^{\alpha_1} \cdot c_1 + \cdots + \omega^{\alpha_n} \cdot c_n$
with $\alpha > \alpha_1 > \cdots > \alpha_n \geq 0$ and $\omega > c_1, \ldots, c_n > 0$ is the largest
constant that appears in it: $N(\alpha) = \max_{1 \leq j \leq n} \{c_j, N(\alpha_j)\}$:

Fact 9.3 (|U| ). Let $\alpha < \varepsilon_0$ be of norm $N(\alpha) \leq n$. Then $L_{g,\alpha}(n) = g_\alpha(n)$.

9.3. Controlling the KLMST Decomposition. Recall from Section 8.3
that the KLMST algorithm terminates because any descending sequence of
ordinals in is finite. As remarked in Example 3.2, descending sequences
over an ordinal are bad sequences. From the previous discussion of length
function theorems, in order to apply the bounds from 0Q3 on the norms in
bad sequences over $\omega^{\omega^3}$, we need to find a control function for any sequence

$r(\xi_0) > r(\xi_1) > \cdots$ (34)

of ordinals in $\omega^{\omega^3}$ found along a branch of the tree described in
Section 8.3.4.

l 11 def 
V = 


9.3.1. A Measure on Marked Witness Graph Sequences. Let us write 
max,; e p v(i) for the infinite norm of partial vectors in Nf, and | 
max„ e v(|^|j ||u||) for a set V of partial vectors. Using the norm func- 


y II d Af 


tion N over £q defined above on the ordinals in (29) and (30), we see that 
N(r(£)) is bounded by 


||£|| = f max (2d, k, \EA 

0 <j<k ' 


-Out I 


(35) 


for $\xi = M_0, a_1, \ldots, a_k, M_k$ where $M_j$ is the marked graph
$(s_j^{\mathrm{in}}, G_j, s_j^{\mathrm{out}})$ and
$G_j = (S_j, E_j, s_j)$. Note that $\|\xi_0\| = \max(2d, 1, |A|)$ initially.

9.3.2. Controlling Decompositions. We are going to exhibit a control function
$g$ such that $\|\xi_i\| \leq g^i(\|\xi_0\|)$ for all descending sequences (34) and index
$i$, which will therefore also be a control function on (34) for the ordinal
norm. It suffices to show that $\|\xi'\| \leq g(\|\xi\|)$ whenever $\xi' \in \mathrm{dec}(\xi)$. Let us
analyse how this measure evolves in the different decomposition cases:


(1) In the unpumpable case, the constant c can be bounded using Fact 9.2 


by H“ d+1 (d 2 ■ 


|Sj| • max( 


-,Ollt I 


(see also [19, Theorem 2.10] or m Section VII-C] for similar enough
bounds in terms of the fast-growing function $F_{d+1} = H^{\omega^{d+1}}$).
The resulting sequences $\xi'$ in $\mathrm{dec}(\xi)$ satisfy therefore
$\|\xi'\| \leq H^{\omega^{d+1}}(\|\xi\|^4)$.

(2) In the input/output bounded case, the constant $c$ is at most
exponential in the size of the linear system $L_\xi$, which is of polynomial
size in $\|\xi\|$. Thus $\|\xi'\| \leq$ for some fixed polynomial $p$.

(3) In the edge bounded case, the constant $c$ is similarly at most
exponential in the size of $L_\xi$ and again $\|\xi'\| \leq 2^{p(\|\xi\|)}$ for some fixed
polynomial $p$.

Assuming $d > 1$, $H^{\omega^{d+1}}(x) \geq 2^x$, hence we can choose
$g(x) \stackrel{\text{def}}{=} H^{\omega^{d+1}}(p(x))$
for some fixed polynomial $p$ as our control function. This is a
primitive-recursive function in $\mathscr{F}_{d+1}$ for any fixed $d$, and is in
$\mathscr{F}_{<\omega+1}$ when $d$ is part of the input.


9.4. Complexity Bounds. Assuming $\|\xi_0\| \geq 3$, by Fact 9.3 the norm of
the elements in any sequence (34) controlled by $g$ is at most
$g^{\omega^{\omega^3}}(\|\xi_0\|)$.
This function can be computed in space $g^{\omega^{\omega^3}}(e(\|\xi_0\|))$ for some elementary
function $e$ by m Theorem 5.1]. This yields the same bound on the space
used by a nondeterministic version of the KLMST decomposition algorithm,



= F 


which guesses a branch like (34) that leads to a perfect marked witness graph 
sequence if there is one. Finally, because our function g yields F„ 
by m Theorem 4.4], we obtain: 

Theorem 9.4. VAS reachability is in $\mathbf{F}_{\omega^3}$.


9.5. A Combinatorial Algorithm. The bounds in Section 9.4 allow to
propose a conceptually simple algorithm for VAS Reachability, based on a
small run property. If there is a run in $\mathrm{Runs}_A(x, y)$, it must belong to some
for a perfect $\xi$ constructed by the KLMST decomposition. Thus this $\xi$
is of measure $\|\xi\|$ bounded by $g^{\omega^{\omega^3}}(\|\xi_0\|)$. Using
Lemma 7.3 we can extract a run of commensurate length $\ell$.

The combinatorial algorithm is a nondeterministic algorithm that first
computes $\ell$ and then guesses a run $\rho$ in $\mathrm{Runs}_A(x, y)$ of length at most $\ell$.
Its complexity is similar to that of the KLMST decomposition algorithm,
in $\mathbf{F}_{\omega^3}$.


10. Conclusion 


is most certainly a stroke of genius, allowing to prove the decidability of 
reachability in VAS. What was however sorely lacking until now was an 
explanation for this decomposition that could be adapted and extended in 
various directions. Far from closing the subject, we expect this demystification
to span a whole research programme.

The first natural question is how easily one can use the framework of ideals 
on runs for various VAS extensions. A good test is the case of VAS with 
hierarchical zero tests, which were proven to enjoy a decidable reachability 
problem by Reinhardt [36]. A wqo on runs using nested applications of 
Higman’s Lemma for this extension is defined by Bonnet [6] in his alternative 
decidability proof using Presburger inductive invariants. Using the algebraic 
framework of Section 4.3, we see that prerun ideals for this new ordering are 
essentially nested products, and thus bear at least a superficial resemblance 
to the structures manipulated by Reinhardt [36]. The framework could also 
shed new light on reachability in other VAS extensions [281 39, 97].

A second question is whether we can significantly improve the $\mathbf{F}_{\omega^3}$ upper
bound provided in Section 9. The best known lower bound on the running
time of the algorithm is Ackermannian, i.e. $\mathbf{F}_\omega$, leaving a huge gap on the
complexity of the KLMST algorithm, and a gigantic gap on the complexity
of VAS reachability, which is only known to be ExpSpace-hard.


Acknowledgements. The authors thank J. Goubault-Larrecq, P. Karandikar, 
K. Narayan Kumar, and Ph. Schnoebelen for sharing their draft m with 
us and for insightful discussions around the uses of wqo ideals. 


Appendix A. Undecidability of Adherence Membership 

Theorem 5.2. The adherence membership of prerun ideals is already
undecidable for ideals of the form $\downarrow x \times D^* \times \downarrow x$ for $D$ a downward-closed subset
of $\mathrm{Trans}_A$ and $x$ in $\mathbb{N}^d$.

The proof proceeds by a reduction from the boundedness problem for lossy
Minsky machines, which was shown undecidable by Dufourd et al. m (see
also the survey [43]).

Lossy Minsky machines (LMM) are Minsky machines where counter values
might decrease spontaneously at all times. Let us define their syntax and
semantics in a style similar to those of VASs. Let $d$ in $\mathbb{N}$ be the dimension
of the machine, i.e. its number of counters. A Minsky action $r$ is a pair
$(Z, a)$ where $Z \subseteq \{1, \ldots, d\}$ denotes the components tested for zero, and
$a$ is a vector in $\mathbb{Z}^d$ satisfying $a(i) = 0$ for every $i \in Z$. We associate with
such a Minsky rule $r$ a transition relation $\xrightarrow{r}$ over the set of configurations
$\mathbb{N}^d$ defined by $x \xrightarrow{r} y$ if $x(i) = 0 = y(i)$ for every $i \in Z$ and $y = x + a$. A
Minsky machine is a finite set $R$ of Minsky rules. A Minsky machine $R$ is
said to be lossy if $(\emptyset, -e_i) \in R$ for every $1 \leq i \leq d$ (where $e_i$ is the unit
vector with 1 in coordinate $i$ and 0 everywhere else).

A set $X \subseteq \mathbb{N}^d$ is called a post-fixpoint for a Minsky machine $R$ if for every
$x \in X$ and $r \in R$ the relation $x \xrightarrow{r} y$ implies $y \in X$. The reachability set
$\mathrm{Reach}(R, x_{\mathrm{init}})$ of a Minsky machine $R$ from an initial configuration $x_{\mathrm{init}}$ is
the minimal post-fixpoint of $R$ that contains the initial configuration.

Problem: LMM Boundedness. 

input: A $d$-dimensional LMM $R$ and an initial configuration $x_{\mathrm{init}}$ in
$\mathbb{N}^d$.
question: Is $\mathrm{Reach}(R, x_{\mathrm{init}})$ finite?

As mentioned earlier this boundedness problem is undecidable mm- 

Minimality of Post-Fixpoints. Note that, due to lossiness, any post-fixpoint
is downward-closed and has therefore a finite ideal decomposition using
vectors in $\mathbb{N}_\omega^d$. The ideal decomposition of $\mathrm{Reach}(R, x_{\mathrm{init}})$ is however not
effective—or the boundedness problem would be decidable: the machine is
unbounded if and only if some $\omega$-value appears in some coordinate of an
ideal from the decomposition of $\mathrm{Reach}(R, x_{\mathrm{init}})$.

Assume we have an oracle to decide whether a post-fixpoint $X$ that
contains $x_{\mathrm{init}}$ is equal to $\mathrm{Reach}(R, x_{\mathrm{init}})$. Because we can enumerate finite sets
of vectors in $\mathbb{N}_\omega^d$ and effectively check whether they define a post-fixpoint $X$
that contains $x_{\mathrm{init}}$, we could use this oracle to construct the ideal
decomposition of $\mathrm{Reach}(R, x_{\mathrm{init}})$—and as noted just before, use the latter to decide the
boundedness problem. This means that we cannot decide whether a
post-fixpoint is equal to $\mathrm{Reach}(R, x_{\mathrm{init}})$—this is similar to [43, Theorem 3.7]:


Problem: Minimality of LMM Post-Fixpoints. 

input: A d-dimensional LMM R , an initial configuration in 
and a post-fixpoint $X$ that contains $x_{\mathrm{init}}$.
question: Does $X = \mathrm{Reach}(R, x_{\mathrm{init}})$?

This problem is already undecidable for a slightly restricted class of
LMMs: Observe that if = 0 then the reachability set is infinite if,
and only if, there exists $(Z, a) \in R$ for some $Z$ such that $a > 0$. So, we
can assume in the previous problem that $x_{\mathrm{init}} \neq 0$. Observe similarly that
if $(Z, x_{\mathrm{init}}) \in R$ for some $Z$ (where necessarily $x_{\mathrm{init}}(i) = 0$ for all $i \in Z$ by
assumption on Minsky actions), then $n \cdot x_{\mathrm{init}}$ is reachable for every $n \in \mathbb{N}$ and
by the previous assumption the reachability set is infinite. So we can also
assume that for every $(Z, a) \in R$ we have $a \neq x_{\mathrm{init}}$ and retain undecidability.
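
The effective check used in the argument above (whether a finite set of vectors in $\mathbb{N}_\omega^d$ defines a post-fixpoint containing $x_{\mathrm{init}}$) can be written out as follows. This is an added example, not part of the paper: counters are indexed from 0, `math.inf` stands for $\omega$, and the two-counter machine is constructed for illustration.

```python
import math

W = math.inf  # stands for the omega component of a vector in N_omega^d

def leq(u, v):
    """Componentwise ordering on N_omega^d."""
    return all(a <= b for a, b in zip(u, v))

def image_sup(u, rule):
    """Supremum of the one-step image of the ideal generated by u under the
    Minsky rule (Z, a), or None when no configuration below u enables it."""
    Z, a = rule
    # Largest configuration below u that passes the zero tests in Z.
    x = [0 if i in Z else ui for i, ui in enumerate(u)]
    if any(xi + ai < 0 for xi, ai in zip(x, a)):
        return None
    return tuple(xi + ai for xi, ai in zip(x, a))

def is_post_fixpoint(basis, rules, x_init):
    """Does the downward closure of `basis` contain x_init and absorb every
    rule? Exact, because each one-step image of an ideal is a directed set."""
    inside = lambda y: any(leq(y, v) for v in basis)
    if not inside(x_init):
        return False
    return all(inside(y) for u in basis for r in rules
               if (y := image_sup(u, r)) is not None)

def lossy(rules, d):
    """Add the loss rules (emptyset, -e_i) for every counter i."""
    unit = lambda i: tuple(-1 if j == i else 0 for j in range(d))
    return list(rules) + [(frozenset(), unit(i)) for i in range(d)]

# Constructed two-counter machine with x_init = (1, 0):
#   move: c0 -= 1, c1 += 1      grow: if c0 == 0 then c1 += 1
RULES = lossy([(frozenset(), (-1, 1)), (frozenset({0}), (0, 1))], 2)
X_INIT = (1, 0)
```

For this machine both `[(1, 0), (0, W)]` and `[(1, W)]` pass `is_post_fixpoint`; telling which post-fixpoint equals the reachability set is the minimality question shown undecidable here.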


Proof of Theorem 5.2. We are going to reduce the problem of testing the
minimality of LMM post-fixpoints to the adherence membership problem
for an ideal of the form $\downarrow x_{\mathrm{init}} \times D^* \times \downarrow x_{\mathrm{init}}$ where $D$ is a downward-closed
set of transitions. The main intuition is that a downward-closed set of
transitions where some maximal transitions have zero components can be
used to perform zero tests in a VAS, and simulate the behaviour of a lossy
Minsky machine.

Without loss of generality, we assume that $(\emptyset, 0)$ belongs to $R$ since the
reachability set is unchanged by adding this Minsky rule. Let $X \subseteq$
be a post-fixpoint of $R$ that contains the initial configuration $x_{\mathrm{init}}$. By
minimality of $\mathrm{Reach}(R, x_{\mathrm{init}})$ we get $\mathrm{Reach}(R, x_{\mathrm{init}}) \subseteq X$. We define a
downward-closed set $D_X$ of transitions of some VAS $A$ in such a way that
the inclusion $\mathrm{Reach}(R, x_{\mathrm{init}}) \subseteq X$ is an equality if, and only if, the set of
preruns $(x_{\mathrm{init}}, w, x_{\mathrm{init}})$ with transition sequence $w \in D_X^*$ is an ideal from
$\mathrm{Idl}(\mathrm{Runs}_A(x_{\mathrm{init}}, x_{\mathrm{init}}))$.

Our VAS is defined by

$A \stackrel{\text{def}}{=} \{x_{\mathrm{init}}\} \cup \{a \mid \exists Z. (Z, a) \in R\}$

Our set $D_X$ is defined as the set of transitions

$D_X \stackrel{\text{def}}{=} \{(0, x_{\mathrm{init}}, x_{\mathrm{init}})\} \cup \{(x, a, y) \in X \times A \times X \mid \exists Z \exists r = (Z, a) \in R. x \xrightarrow{r} y\}$, (37)

which is downward-closed because $X$ is, and we let $I_X$ denote the following
set of preruns using transitions from $D_X$, which is an ideal of $\mathrm{PreRuns}_A$:

$I_X \stackrel{\text{def}}{=} \downarrow x_{\mathrm{init}} \times D_X^* \times \downarrow x_{\mathrm{init}}$. (38)

Note that a representation of $I_X$ can effectively be computed from a
representation of $X$.


Claim 1. $\mathrm{Reach}(R, x_{\mathrm{init}})$ is the set of configurations $x \in$ such that there
exists a run $(x_{\mathrm{init}}, w, x)$ with $w \in D_X^*$.

The proof is by induction on the length of runs $(x_{\mathrm{init}}, w, x)$ of $A$ and runs
$x_{\mathrm{init}} \xrightarrow{*}$ of $R$.


Claim 2. If $X = \mathrm{Reach}(R, x_{\mathrm{init}})$ then $I_X$ is in the adherence of $\mathrm{Runs}_A(x_{\mathrm{init}}, x_{\mathrm{init}})$.

Let $t = (x, a, y)$ be a transition in $D_X$. By definition $x \in X = \mathrm{Reach}(R, x_{\mathrm{init}})$
and we deduce by Claim 1 that there exists a run $(x_{\mathrm{init}}, w_t, x)$ with $w_t \in D_X^*$.
Due to lossiness, there also exists a run with transition sequence $w'_t$ in $D_X^*$
from $y$ to $0$ labelled by actions $-e_i$. By definition (37) the transition
$t_{\mathrm{init}} = (0, x_{\mathrm{init}}, x_{\mathrm{init}})$ belongs to $D_X$. Hence for every $t \in D_X$ there
exists a run with transition sequence $w_t t w'_t t_{\mathrm{init}}$ in $D_X^*$ from $x_{\mathrm{init}}$ to $x_{\mathrm{init}}$ along
which $t$ occurs.

By concatenating such transition sequences, for every word $w = t_1 \cdots t_k$
of transitions $t_1, \ldots, t_k \in D_X$, there exists a run from $x_{\mathrm{init}}$ to $x_{\mathrm{init}}$ with
transitions in $D_X^*$ and with $w$ as an embedded subsequence. We conclude
by noting that these runs form a directed subset of $\mathrm{Runs}_A(x_{\mathrm{init}}, x_{\mathrm{init}})$.


Claim 3. If $I_X$ is in the adherence of $\mathrm{Runs}_A(x_{\mathrm{init}}, x_{\mathrm{init}})$ then $X = \mathrm{Reach}(R, x_{\mathrm{init}})$.

Assume there exists a directed family $\Delta$ of runs with $\downarrow\Delta = I_X$. Let $x \in X$;
let us show that $x \in \mathrm{Reach}(R, x_{\mathrm{init}})$. The prerun $(x_{\mathrm{init}}, w, x_{\mathrm{init}})$ with

$w \stackrel{\text{def}}{=} (0, x_{\mathrm{init}}, x_{\mathrm{init}})(x, 0, x)$ (39)

belongs to $I_X$ (recall that we assumed $(\emptyset, 0) \in R$). Hence there exists a run
$\rho = (x_{\mathrm{init}}, w', x_{\mathrm{init}})$ in $\Delta$ with $w$ $w'$ (for the subsequence embedding over
$(\mathbb{N}^d \times A \times \mathbb{N}^d)^*$). Thus $w'$ is in $D_X^*$ and of the form

$w' = w_1 (y, x_{\mathrm{init}}, y + x_{\mathrm{init}}) w_2 (x + z, 0, x + z) w_3$ (40)

for some vectors $y$ and $z$ in $\mathbb{N}^d$. Because $(Z, x_{\mathrm{init}}) \notin R$ for any $Z$, $y = 0$.
Therefore $(x_{\mathrm{init}}, w_2, x + z)$ is a run with transitions in $D_X$. Hence by
Claim 1 $x + z$ is in $\mathrm{Reach}(R, x_{\mathrm{init}})$, and by lossiness $x$ is also in $\mathrm{Reach}(R, x_{\mathrm{init}})$.
This shows $X \subseteq \mathrm{Reach}(R, x_{\mathrm{init}})$ and thus $\mathrm{Reach}(R, x_{\mathrm{init}}) = X$. □